Описание
Philips Vue PACS versions 12.2.x.x and prior does not ensure or incorrectly ensures structured messages or data are well formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.
Ссылки
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
- Vendor Advisory
- Third Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 12.2.1.5 (исключая)Версия до 12.2.8.0 (исключая)Версия до 12.2.1.5 (исключая)Версия до 12.2.8.0 (исключая)
Одно из
cpe:2.3:a:philips:myvue:*:*:*:*:*:*:*:*
cpe:2.3:a:philips:speech:*:*:*:*:*:*:*:*
cpe:2.3:a:philips:vue_motion:*:*:*:*:*:*:*:*
cpe:2.3:a:philips:vue_pacs:*:*:*:*:*:*:*:*
EPSS
Процентиль: 37%
0.00162
Низкий
6.1 Medium
CVSS3
6.5 Medium
CVSS3
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other
CWE-707
Связанные уязвимости
CVSS3: 6.5
github
почти 4 года назад
Philips Vue PACS versions 12.2.x.x and prior does not ensure or incorrectly ensures structured messages or data are well formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.
EPSS
Процентиль: 37%
0.00162
Низкий
6.1 Medium
CVSS3
6.5 Medium
CVSS3
6.4 Medium
CVSS2
Дефекты
NVD-CWE-Other
CWE-707