CVE-2018-5438 - OpenCVE

Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medical Record (EMR) system, where ISCV is in KIOSK mode for multiple users and using Windows authentication. This may allow an attacker to gain unauthorized access to patient health information and potentially modify this information.

No CVSS v3.1

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact None

User Interaction None

Access Vector Local

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact None

AV:L/AC:M/Au:N/C:P/I:P/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Philips	Intellispace Cardiovascular

Configuration 1 [-]

cpe:2.3:a:philips:intellispace_cardiovascular:*:*:*:*:*:*:*:*

References

Link	Resource
http://www.securityfocus.com/bid/102847	Third Party Advisory VDB Entry
https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01	Mitigation Third Party Advisory US Government Resource
https://www.usa.philips.com/healthcare/about/customer-support/product-security	Mitigation Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: icscert

Published: 2018-03-20T17:00:00

Updated: 2018-03-21T09:57:01

Reserved: 2018-01-12T00:00:00

Link: CVE-2018-5438

JSON object: View

NVD Information

Status : Analyzed

Published: 2018-03-20T17:29:00.363

Modified: 2018-04-20T15:02:28.600

Link: CVE-2018-5438

JSON object: View

Redhat Information

No data.

CWE

CWE-613

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-01-24T00:00:00", "descriptions": [{"lang": "en", "value": "Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medical Record (EMR) system, where ISCV is in KIOSK mode for multiple users and using Windows authentication. This may allow an attacker to gain unauthorized access to patient health information and potentially modify this information."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-03-21T09:57:01", "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "shortName": "icscert"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"}, {"tags": ["x_refsource_MISC"], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01"}, {"name": "102847", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/102847"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "ics-cert@hq.dhs.gov", "ID": "CVE-2018-5438", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medical Record (EMR) system, where ISCV is in KIOSK mode for multiple users and using Windows authentication. This may allow an attacker to gain unauthorized access to patient health information and potentially modify this information."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://www.usa.philips.com/healthcare/about/customer-support/product-security", "refsource": "CONFIRM", "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"}, {"name": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01", "refsource": "MISC", "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01"}, {"name": "102847", "refsource": "BID", "url": "http://www.securityfocus.com/bid/102847"}]}}}}, "cveMetadata": {"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6", "assignerShortName": "icscert", "cveId": "CVE-2018-5438", "datePublished": "2018-03-20T17:00:00", "dateReserved": "2018-01-12T00:00:00", "dateUpdated": "2018-03-21T09:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:philips:intellispace_cardiovascular:*:*:*:*:*:*:*:*", "matchCriteriaId": "53695467-C883-4602-92F9-1D3BE724C447", "versionEndIncluding": "2.3.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medical Record (EMR) system, where ISCV is in KIOSK mode for multiple users and using Windows authentication. This may allow an attacker to gain unauthorized access to patient health information and potentially modify this information."}, {"lang": "es", "value": "La aplicaci\u00f3n Philips ISCV, en versiones anteriores a la 2.3.0, tiene una vulnerabilidad de expiraci\u00f3n insuficiente de sesi\u00f3n donde un atacante podr\u00eda reutilizar la sesi\u00f3n de un usuario que haya iniciado sesi\u00f3n anteriormente. La vulnerabilidad existe al emplear ISCV junto con un sistema EMR (Electronic Medical Record) cuando ISCV est\u00e1 en modo KIOSK para m\u00faltiples usuarios y empleando autenticaci\u00f3n de Windows. Esto podr\u00eda permitir que un atacante obtenga acceso no autorizado a informaci\u00f3n de salud del paciente y que pueda modificarla."}], "id": "CVE-2018-5438", "lastModified": "2018-04-20T15:02:28.600", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 3.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.0"}, "exploitabilityScore": 1.0, "impactScore": 5.2, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-03-20T17:29:00.363", "references": [{"source": "ics-cert@hq.dhs.gov", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/102847"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Mitigation", "Third Party Advisory", "US Government Resource"], "url": "https://ics-cert.us-cert.gov/advisories/ICSMA-18-025-01"}, {"source": "ics-cert@hq.dhs.gov", "tags": ["Mitigation", "Vendor Advisory"], "url": "https://www.usa.philips.com/healthcare/about/customer-support/product-security"}], "sourceIdentifier": "ics-cert@hq.dhs.gov", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-613"}], "source": "nvd@nist.gov", "type": "Primary"}]}