What the vulnerability does
01Description
The HTTP header in Philips EncoreAnywhere contains data an attacker may be able to use to gain sensitive information.
CVE-2018-8863
MEDIUM
CVE-2018-8863: Philips EncoreAnywhere Exposure of Sensitive Information to an Unauthorized Actor
CVSS base score
5.9/10
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Key dates
02Disclosure timeline
November 9, 2023
CVE published
September 3, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-25114 Sensitive Information Disclosure (JailID) to users in Collabora Online
CVE-2017-15112
CVE-2024-45043 OpenTelemetry Collector AWS Firehose Receiver Authentication Bypass Vulnerability
CVE-2024-5614 Piotnet Addons For Elementor <= 2.4.29 - Unauthenticated Sensitive Information Exposure
CVE-2025-24071 Microsoft Windows File Explorer Spoofing Vulnerability
