NHI Health Insurance Web Service Component

CPE Details

NHI Health Insurance Web Service Component
nhi
health_insurance_web_service_component
-
2022-06-27
11h12 +00:00
2022-11-09
14h10 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:nhi:health_insurance_web_service_component:-:*:*:*:*:*:*:*

Informations

Vendor

nhi

Product

health_insurance_web_service_component

Version

-

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-35219 2022-08-02 15h20 +00:00 The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet key parameter. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.
5.5
Medium
CVE-2022-35218 2022-08-02 15h20 +00:00 The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.
5.5
Medium
CVE-2022-35217 2022-08-02 02h55 +00:00 The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A local area network attacker with general user privilege can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service.
7.8
High
CVE-2021-45918 2022-06-20 05h30 +00:00 NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program, in order to terminate service without authentication, which requires a system restart to recover service.
7.5
High