CVE-2018-8867

CVE-2018-8867

Vendor Ics-Cert

Product GE PACSystems RX3i CPE305/310 version 9.20 and prior RX3i CPE330 version 9.21 and prior RX3i CPE 400 version 9.30 and prior PACSystems RSTi-EP CPE 100 all versionsPACSystems CPU320/CRU320 RXi all versions

Weakness CWE-20 · Input validation

Published May 18, 2018

Last update September 16, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

In GE PACSystems RX3i CPE305/310 version 9.20 and prior, RX3i CPE330 version 9.21 and prior, RX3i CPE 400 version 9.30 and prior, PACSystems RSTi-EP CPE 100 all versions, and PACSystems CPU320/CRU320 RXi all versions, the device does not properly validate input, which could allow a remote attacker to send specially crafted packets causing the device to become unavailable.

Key dates

02Disclosure timeline

May 18, 2018 CVE published

September 16, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-8867 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

Identifiers

CVE CVE-2018-8867

CWE CWE-20

Affected versions

Vendor Ics-Cert

Affected GE PACSystems RX3i CPE305/310 version 9.20 and prior RX3i CPE330 version 9.21 and prior RX3i CPE 400

01Description

02Disclosure timeline

03References

04Related CVE