cnvd - cnvd-2018-02350

CNVD-2018-02350

Vulnerability from cnvd - Published: 2018-01-31

Title

Philips IntelliSpace Cardiovascular System未授权访问漏洞

Description

Philips IntelliSpace Cardiovascular (ISCV)是一个全面的心脏图像和信息管理系统。 Philips IntelliSpace Cardiovascular System存在未授权访问漏洞，ISCV与电子病历（EMR）系统一起使用时，ISCV处于KIOSK模式，适用于多个用户并使用Windows身份验证，允许攻击者未经授权访问存储在系统中的敏感信息并修改此信息。

Severity

中

Formal description

厂商尚未提供漏洞修补方案，请关注厂商主页及时更新： https://www.philips.com/productsecurity

Reference

https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01

Impacted products

Name
Philips IntelliSpace Cardiovascular <=2.3.0

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-5438"
    }
  },
  "description": "Philips IntelliSpace Cardiovascular (ISCV)\u662f\u4e00\u4e2a\u5168\u9762\u7684\u5fc3\u810f\u56fe\u50cf\u548c\u4fe1\u606f\u7ba1\u7406\u7cfb\u7edf\u3002\r\n\r\nPhilips IntelliSpace Cardiovascular System\u5b58\u5728\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e\uff0cISCV\u4e0e\u7535\u5b50\u75c5\u5386\uff08EMR\uff09\u7cfb\u7edf\u4e00\u8d77\u4f7f\u7528\u65f6\uff0cISCV\u5904\u4e8eKIOSK\u6a21\u5f0f\uff0c\u9002\u7528\u4e8e\u591a\u4e2a\u7528\u6237\u5e76\u4f7f\u7528Windows\u8eab\u4efd\u9a8c\u8bc1\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u672a\u7ecf\u6388\u6743\u8bbf\u95ee\u5b58\u50a8\u5728\u7cfb\u7edf\u4e2d\u7684\u654f\u611f\u4fe1\u606f\u5e76\u4fee\u6539\u6b64\u4fe1\u606f\u3002",
  "discovererName": "unknow",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttps://www.philips.com/productsecurity",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2018-02350",
  "openTime": "2018-01-31",
  "products": {
    "product": "Philips IntelliSpace Cardiovascular \u003c=2.3.0"
  },
  "referenceLink": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01",
  "serverity": "\u4e2d",
  "submitTime": "2018-01-31",
  "title": "Philips IntelliSpace Cardiovascular System\u672a\u6388\u6743\u8bbf\u95ee\u6f0f\u6d1e"
}

CVE-2018-5438 (GCVE-0-2018-5438)

Vulnerability from cvelistv5 – Published: 2018-03-20 17:00 – Updated: 2024-08-05 05:33

Summary

Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medical Record (EMR) system, where ISCV is in KIOSK mode for multiple users and using Windows authentication. This may allow an attacker to gain unauthorized access to patient health information and potentially modify this information.

Severity ?

No CVSS data available.

CWE

Assigner

icscert

References

URL

Tags

	https://www.usa.philips.com/healthcare/about/cust…	x_refsource_CONFIRM
	https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01	x_refsource_MISC
	http://www.securityfocus.com/bid/102847	vdb-entryx_refsource_BID

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:33:44.216Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01"
          },
          {
            "name": "102847",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/102847"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2018-01-24T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medical Record (EMR) system, where ISCV is in KIOSK mode for multiple users and using Windows authentication. This may allow an attacker to gain unauthorized access to patient health information and potentially modify this information."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-03-21T09:57:01",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01"
        },
        {
          "name": "102847",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/102847"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "ics-cert@hq.dhs.gov",
          "ID": "CVE-2018-5438",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medical Record (EMR) system, where ISCV is in KIOSK mode for multiple users and using Windows authentication. This may allow an attacker to gain unauthorized access to patient health information and potentially modify this information."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://www.usa.philips.com/healthcare/about/customer-support/product-security",
              "refsource": "CONFIRM",
              "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"
            },
            {
              "name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01",
              "refsource": "MISC",
              "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01"
            },
            {
              "name": "102847",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/102847"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2018-5438",
    "datePublished": "2018-03-20T17:00:00",
    "dateReserved": "2018-01-12T00:00:00",
    "dateUpdated": "2024-08-05T05:33:44.216Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2018-02350

CVE-2018-5438 (GCVE-0-2018-5438)

Tags

Sightings

Nomenclature