Philips e-Alert Unit (non-medical device), Version R2.1 and prior. When authenticating a user or otherwise establishing a new user session, the software gives an attacker the opportunity to steal authenticated sessions without invalidating any existing session identifier.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2018-09-26T19:00:00Z
Updated: 2024-09-16T23:22:08.056Z
Reserved: 2018-03-20T00:00:00
Link: CVE-2018-8852
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-09-26T19:29:02.597
Modified: 2024-11-21T04:14:27.230
Link: CVE-2018-8852
Redhat
No data.