An issue was discovered on Cerner Connectivity Engine (CCE) 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network.
References
Link | Resource |
---|---|
https://www.securifera.com/advisories/cve-2018-20052-20053/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2019-04-25 09:29
Updated : 2020-08-24 10:37
NVD link : CVE-2018-20053
Mitre link : CVE-2018-20053
JSON object : View
CWE
Products Affected
cerner
- connectivity_engine_4
- connectivity_engine_4_firmware