Health Insurance Web Service Component

health_insurance_web_service_component

Vendor: Nhi • 4 CVEs

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-35219 1Nhi 1Health Insurance Web Service Component Nov 21, 2024 Aug 2, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet key parameter. A LAN attacker with general user privilege can exploit this vulnerabil...Show more The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet key parameter. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.Show less
CVE-2022-35218 1Nhi 1Health Insurance Web Service Component Nov 21, 2024 Aug 2, 2022 N/A· v4 5.5 MEDIUM· v3 N/A· v2 The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerabi...Show more The NHI card’s web service component has a heap-based buffer overflow vulnerability due to insufficient validation for packet origin parameter length. A LAN attacker with general user privilege can exploit this vulnerability to disrupt service.Show less
CVE-2022-35217 1Nhi 1Health Insurance Web Service Component Nov 21, 2024 Aug 2, 2022 N/A· v4 7.8 HIGH· v3 N/A· v2 The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A local area network attacker with general user privilege can exploit...Show more The NHI card’s web service component has a stack-based buffer overflow vulnerability due to insufficient validation for network packet header length. A local area network attacker with general user privilege can exploit this vulnerability to execute arbitrary code, manipulate system command or disrupt service.Show less
CVE-2021-45918 1Nhi 1Health Insurance Web Service Component Nov 21, 2024 Jun 20, 2022 N/A· v4 7.5 HIGH· v3 7.8 HIGH· v2 NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memor...Show more NHI’s health insurance web service component has insufficient validation for input string length, which can result in heap-based buffer overflow attack. A remote attacker can exploit this vulnerability to flood the memory space reserved for the program, in order to terminate service without authentication, which requires a system restart to recover service.Show less