Vulnerability CVE-2018-19014


Published: 2019-01-28

Description:
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Log files are accessible over an unauthenticated network connection. By accessing the log files, an attacker is able to gain insights about internals of the patient monitor, the location of the monitor, and wired network configuration.

Type:

CWE-532

(Information Exposure Through Log Files)

CVSS2 => (AV:A/AC:L/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
3.3/10
2.9/10
6.5/10
Exploit range
Attack complexity
Authentication
Adjacent network
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Draeger -> Delta xl firmware 
Draeger -> Infinity delta firmware 
Draeger -> Infinity explorer c700 firmware 
Draeger -> Kappa firmware 

 References:
http://www.securityfocus.com/bid/106683
https://ics-cert.us-cert.gov/advisories/ICSMA-19-022-01

Copyright 2024, cxsecurity.com

 

Back to Top