Resource Exhaustion in Philips Clinical Collaboration Platform
CVE-2020-16200

6.5MEDIUM

Key Information:

Vendor
Philips
Status
Philips Clinical Collaboration Platform
Vendor
CVE Published:
18 September 2020

Summary

The Philips Clinical Collaboration Platform, up to version 12.2.1, contains a vulnerability that improperly manages the allocation and maintenance of resources. This flaw allows an attacker to manipulate resource consumption, leading to potential resource exhaustion. As a result, legitimate users may experience disruption in service availability, which can severely impact healthcare operations reliant on this platform. It is crucial for users to apply relevant mitigations to safeguard against possible exploitation of this vulnerability.

Affected Version(s)

Philips Clinical Collaboration Platform Versions 12.2.1 and prior

References

https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01
x_refsource_MISC

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.