Input Validation Flaw in Philips Clinical Collaboration Platform
CVE-2020-14506

4.3MEDIUM

Key Information:

Vendor: Philips
Status: Philips Clinical Collaboration Platform
Vendor: CVE Published:; 18 September 2020

Summary

The Philips Clinical Collaboration Platform suffers from an input validation vulnerability where it fails to properly validate incoming data. This flaw could allow an attacker to exploit the system by sending crafted inputs that do not conform to the expected properties, potentially leading to unsafe data processing and affecting the overall security of the application.

Affected Version(s)

Philips Clinical Collaboration Platform Versions 12.2.1 and prior

References

https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01

x_refsource_MISC

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 18, 2020
Vulnerability Reserved
Jun 19, 2020