1 results (0.003 seconds)
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2022-38765
https://notcve.org/view.php?id=CVE-2022-38765
Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter. Canon Medical Informatics Vitrea Vision 7.7.76.1 no aplica adecuadamente los controles de acceso. Un usuario autenticado puede obtener acceso no autorizado a los registros de imágenes alterando el parámetro vitrea-view/studies/searchpatientId. • https://www.vitalimages.com/customer-success-support-program/vital-images-software-security-updates • CWE-639: Authorization Bypass Through User-Controlled Key •