CVE-2019-18241
Summary
| CVE | CVE-2019-18241 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-11-26 00:15:00 UTC |
| Updated | 2019-12-18 17:36:00 UTC |
| Description | In Philips IntelliBridge EC40 and EC80, IntelliBridge EC40 Hub all versions, and IntelliBridge EC80 Hub all versions, the SSH server running on the affected products is configured to allow weak ciphers. This could enable an unauthorized attacker with access to the network to capture and replay the session and gain unauthorized access to the EC40/80 hub. |
Risk And Classification
Problem Types: CWE-326
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Hardware | Philips | Intellibridge Ec40 | - | All | All | All |
| Hardware | Philips | Intellibridge Ec40 | - | All | All | All |
| Operating System | Philips | Intellibridge Ec40 Firmware | All | All | All | All |
| Operating System | Philips | Intellibridge Ec40 Firmware | All | All | All | All |
| Hardware | Philips | Intellibridge Ec80 | - | All | All | All |
| Hardware | Philips | Intellibridge Ec80 | - | All | All | All |
| Operating System | Philips | Intellibridge Ec80 Firmware | All | All | All | All |
| Operating System | Philips | Intellibridge Ec80 Firmware | All | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| Philips IntelliBridge EC40/80 | CISA | MISC | www.us-cert.gov | Third Party Advisory, US Government Resource |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.