Описание
Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter.
Уязвимые конфигурации
Конфигурация 1Версия до 7.8 (исключая)
cpe:2.3:a:canon:vitrea_view:*:*:*:*:*:*:*:*
EPSS
Процентиль: 54%
0.00318
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-639
CWE-639
Связанные уязвимости
CVSS3: 6.5
github
около 3 лет назад
Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter.
EPSS
Процентиль: 54%
0.00318
Низкий
6.5 Medium
CVSS3
Дефекты
CWE-639
CWE-639