CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16247
https://notcve.org/view.php?id=CVE-2020-16247
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. Philips Clinical Collaboration Platform, versiones 12.2.1 y anteriores. El producto expone un recurso a la esfera de control incorrecta, proporcionando a los actores no deseados un acceso inapropiado al recurso • https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01 • CWE-16: Configuration CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16200
https://notcve.org/view.php?id=CVE-2020-16200
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The software does not properly control the allocation and maintenance of a limited resource, thereby enabling an attacker to influence the amount of resources consumed, eventually leading to the exhaustion of available resources. Philips Clinical Collaboration Platform, versiones 12.2.1 y anteriores. El software no controla apropiadamente la asignación y el mantenimiento de un recurso limitado, lo que permite a un atacante influir en la cantidad de recursos consumidos, conllevando eventualmente al agotamiento de los recursos disponibles • https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01 • CWE-757: Selection of Less-Secure Algorithm During Negotiation ('Algorithm Downgrade') •
CVSS: 6.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-16198
https://notcve.org/view.php?id=CVE-2020-16198
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. When an attacker claims to have a given identity, the software does not prove or insufficiently proves the claim is correct. Philips Clinical Collaboration Platform, versiones 12.2.1 y anteriores. Cuando un atacante reclama tener una identidad dada, el software no prueba o prueba insuficientemente que la reclamación sea correcta • https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01 • CWE-693: Protection Mechanism Failure •
CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14525
https://notcve.org/view.php?id=CVE-2020-14525
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a webpage that is served to other users. Philips Clinical Collaboration Platform, versiones 12.2.1 y anteriores. El software no neutraliza o neutraliza incorrectamente una entrada controlada por el usuario antes de que sea colocada en la salida usada como una página web que es servida a otros usuarios • https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01 • CWE-83: Improper Neutralization of Script in Attributes in a Web Page •
CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-14506
https://notcve.org/view.php?id=CVE-2020-14506
Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly. Philips Clinical Collaboration Platform, versiones 12.2.1 y anteriores. El producto recibe entrada o datos, pero no comprueba o comprueba incorrectamente que la entrada cuenta con las propiedades requeridas para procesar los datos de manera segura y correcta • https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01 • CWE-352: Cross-Site Request Forgery (CSRF) •