CVE-2017-14111
Summary
| CVE | CVE-2017-14111 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-11-17 20:29:00 UTC |
| Updated | 2019-10-03 00:03:00 UTC |
| Description | The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authentication credentials, which if accessed allows an attacker to use credentials to access the application, or other user entitlements. |
Risk And Classification
Problem Types: CWE-522
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Philips | Intellispace Cardiovascular | All | All | All | All |
| Application | Philips | Xcelera | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Philips IntelliSpace Cardiovascular System and Xcelera System Vulnerability | ICS-CERT | MISC | ics-cert.us-cert.gov | Issue Tracking, Third Party Advisory, US Government Resource |
| Philips IntelliSpace Cardiovascular and Xcelera CVE-2017-14111 Information Disclosure Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Product Security | Philips | CONFIRM | www.usa.philips.com | Issue Tracking, Mitigation, Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.