QwikSec

Security Database

CVE

CWE

Training

CVE-2018-8852

Published: Sep 26, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. When authenticating a user or otherwise establishing a new user session, the software gives an attacker the opportunity to steal authenticated sessions without invalidating any existing session identifier.

Vendor	Product	Versions
Philips	e-Alert Unit (non-medical device)	affected `R2.1 and prior`

Weaknesses (CWE)

References

https://www.usa.philips.com/healthcare/about/customer-support/product-security

x_refsource_CONFIRM

vdb-entry

x_refsource_BID

https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.