Overview
- Description
- Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Modified
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 7.8
- Impact score
- 5.9
- Exploitability score
- 1.8
- Vector string
- CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:philips:intellispace_portal:8.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "374B9A63-793D-41A1-A02F-4642031DA5FA"
},
{
"criteria": "cpe:2.3:a:philips:intellispace_portal:9.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "784EBE3C-D9CB-433E-BC1D-4403B3BAB6AA"
}
],
"operator": "OR"
}
]
}
]