CVE-2018-14803

MEDIUM

Philips e-Alert Unit <R2.1 - Info Disclosure

Title source: llm
STIX 2.1

Description

Philips e-Alert Unit (non-medical device), Version R2.1 and prior. The Philips e-Alert contains a banner disclosure vulnerability that could allow attackers to obtain extraneous product information, such as OS and software components, via the HTTP response header that is normally not available to the attacker, but might be useful information in an attack.

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/105194
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSA-18-242-01

Scores

CVSS v3 5.3
EPSS 0.0174
EPSS Percentile 74.9%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-200
Status published
Products (1)
philips/e-alert_firmware < r2.1
Published Sep 26, 2018
Tracked Since Feb 18, 2026