CVE-2020-16247 - Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product exposes a resource t

CVE-2020-16247

Summary

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.

References

https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01

Vulnerable Configurations

cpe:2.3:a:philips:clinical_collaboration_platform:12.2.1:*:*:*:*:*:*:*
cpe:2.3:a:philips:clinical_collaboration_platform:12.2.1:*:*:*:*:*:*:*

CVSS

Base:	3.6 (as of 25-04-2022 - 17:42)
Impact:
Exploitability:

CWE

CWE-668

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	PARTIAL	NONE

cvss-vector via4

AV:L/AC:L/Au:N/C:P/I:P/A:N

refmap via4

misc

https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01

Last major update

25-04-2022 - 17:42

Published

18-09-2020 - 18:15

Last modified

25-04-2022 - 17:42