Main Vulnerability Database Vulnerabilities #VU28992

#VU28992 Inclusion of Sensitive Information in Log Files in IntelliBridge Enterprise (IBE) - CVE-2020-12023

Published: June 12, 2020

Vulnerability identifier: #VU28992

Vulnerability risk: Low

CVSSv4.0: CVSS:4.0/AV:A/AC:L/AT:P/PR:H/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2020-12023

CWE-ID: CWE-532

Exploitation vector: Adjecent network

Exploit availability: No public exploit available

Vulnerable software:
IntelliBridge Enterprise (IBE)

Software vendor:
Philips

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to software stores sensitive information into log files. An administrator on the local network can read plain text credentials from log files.

This vulnerability affects the following Workflows:

IntelliBridge Enterprise system integration with,

SureSigns (VS4)
EarlyVue (VS30)
IntelliVue Guardian (IGS)

Remediation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability.

External links

https://www.us-cert.gov/ics/advisories/icsma-20-163-01

#VU28992 Inclusion of Sensitive Information in Log Files in IntelliBridge Enterprise (IBE) - CVE-2020-12023

Description

Remediation

External links

Please verify you're human