Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Philips IntelliBridge Enterprise IBE Insertion of Sensitive Information into Log File
Vulnerability Description
Philips IntelliBridge Enterprise (IBE), Versions B.12 and prior, IntelliBridge Enterprise system integration with SureSigns (VS4), EarlyVue (VS30) and IntelliVue Guardian (IGS). Unencrypted user credentials received in the IntelliBridge Enterprise (IBE) are logged within the transaction logs, which are secured behind the login based administrative web portal. The unencrypted user credentials sent from the affected products listed above, for the purpose of handshake or authentication with the Enterprise Systems, are logged as the payload in IntelliBridge Enterprise (IBE) within the transaction logs. An attacker with administrative privileges could exploit this vulnerability to read plain text credentials from log files.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
通过日志文件的信息暴露
Vulnerability Title
Philips IntelliBridge Enterprise 日志信息泄露漏洞
Vulnerability Description
Philips IntelliBridge Enterprise(IBE)是荷兰飞利浦(Philips)公司的一款能够为EHR(电子健康纪录)和Philips临床解决方案之间提供单点联系的解决方案。 Philips IBE B.12及之前版本中存在日志信息泄露漏洞。攻击者可利用该漏洞从日志文件中读取纯文本凭据。
CVSS Information
N/A
Vulnerability Type
N/A