CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-27493 – Philips Vue PACS
https://notcve.org/view.php?id=CVE-2021-27493
Philips Vue PACS versions 12.2.x.x and prior does not ensure or incorrectly ensures structured messages or data are well formed and that certain security properties are met before being read from an upstream component or sent to a downstream component. Philips Vue PACS versiones 12.2.x.x y anteriores, no asegura o asegura incorrectamente que los mensajes o datos estructurados estén bien formados y que sean cumplidas determinadas propiedades de seguridad antes de ser leídos desde un componente ascendente o enviados a un componente descendente • http://www.philips.com/productsecurity https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01 •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2021-23173 – ICSMA-22-006-01 Philips Engage Software
https://notcve.org/view.php?id=CVE-2021-23173
The affected product is vulnerable to an improper access control, which may allow an authenticated user to gain unauthorized access to sensitive data. El producto afectado es vulnerable a un control de acceso inapropiado, que puede permitir a un usuario autenticado conseguir acceso no autorizado a datos confidenciales • https://www.cisa.gov/uscert/ics/advisories/icsma-22-006-01 • CWE-284: Improper Access Control •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2021-43550 – Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm
https://notcve.org/view.php?id=CVE-2021-43550
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0. El uso de un algoritmo criptográfico roto o arriesgado es un riesgo no necesario que puede resultar en una exposición de información confidencial, que afecta a las comunicaciones entre Patient Information Center iX (PIC iX) Versiones C.02 y C.03 y Efficia CM Series Revisiones A.01 a C.0x y 4.0 • https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2021-43548 – Philips Patient Information Center iX (PIC iX) and Efficia CM Series Improper Input Validation
https://notcve.org/view.php?id=CVE-2021-43548
Patient Information Center iX (PIC iX) Versions C.02 and C.03 receives input or data, but does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly. Patient Information Center iX (PIC iX) Versiones C.02 y C.03, recibe entradas o datos, pero no comprueba o comprueba incorrectamente que la entrada presenta las propiedades necesarias para procesar los datos de forma segura y correcta • https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02 • CWE-20: Improper Input Validation •
CVSS: 6.1EPSS: 0%CPEs: 3EXPL: 0CVE-2021-43552 – Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of Hard-coded Cryptographic Key
https://notcve.org/view.php?id=CVE-2021-43552
The use of a hard-coded cryptographic key significantly increases the possibility encrypted data may be recovered from the Patient Information Center iX (PIC iX) Versions B.02, C.02, and C.03. El uso de una clave criptográfica embebida aumenta significativamente la posibilidad de que los datos encriptados puedan ser recuperados de Patient Information Center iX (PIC iX) Versiones B.02, C.02 y C.03 • https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02 • CWE-321: Use of Hard-coded Cryptographic Key •