CVE-2018-5470
Summary
| CVE | CVE-2018-5470 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2018-03-26 14:29:00 UTC |
| Updated | 2019-10-09 23:41:00 UTC |
| Description | Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges. |
Risk And Classification
Problem Types: CWE-426
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Philips | Intellispace Portal | 8.0 | All | All | All |
| Application | Philips | Intellispace Portal | 9.0 | All | All | All |
| Application | Philips | Intellispace Portal | 8.0 | All | All | All |
| Application | Philips | Intellispace Portal | 9.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Philips Intellispace Portal ISP Vulnerabilities | ICS-CERT | MISC | ics-cert.us-cert.gov | Third Party Advisory, US Government Resource |
| Philips Intellispace Portal Multiple Security Vulnerabilities | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Product Security | Philips | CONFIRM | www.usa.philips.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.