CVE-2018-19014
Summary
| CVE | CVE-2018-19014 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-01-28 22:29:00 UTC |
| Updated | 2019-10-09 23:37:00 UTC |
| Description | Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Log files are accessible over an unauthenticated network connection. By accessing the log files, an attacker is able to gain insights about internals of the patient monitor, the location of the monitor, and wired network configuration. |
Risk And Classification
Problem Types: CWE-532
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Draeger | Delta Xl | - | All | All | All |
| Hardware | Draeger | Delta Xl | - | All | All | All |
| Operating System | Draeger | Delta Xl Firmware | All | All | All | All |
| Operating System | Draeger | Delta Xl Firmware | All | All | All | All |
| Hardware | Draeger | Infinity Delta | - | All | All | All |
| Hardware | Draeger | Infinity Delta | - | All | All | All |
| Operating System | Draeger | Infinity Delta Firmware | All | All | All | All |
| Operating System | Draeger | Infinity Delta Firmware | All | All | All | All |
| Hardware | Draeger | Infinity Explorer C700 | - | All | All | All |
| Hardware | Draeger | Infinity Explorer C700 | - | All | All | All |
| Operating System | Draeger | Infinity Explorer C700 Firmware | All | All | All | All |
| Operating System | Draeger | Infinity Explorer C700 Firmware | All | All | All | All |
| Hardware | Draeger | Kappa | - | All | All | All |
| Hardware | Draeger | Kappa | - | All | All | All |
| Operating System | Draeger | Kappa Firmware | All | All | All | All |
| Operating System | Draeger | Kappa Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Dräger Infinity Delta | ICS-CERT | MISC | ics-cert.us-cert.gov | Third Party Advisory, US Government Resource |
| Multiple Dräger Products Multiple Security Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.