CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-16218

In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users. Successful exploitation could lead to unauthorized access to patient data via a read-only web application.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 29.6%

CVSS Severity

CVSS v3 Score 3.5

CVSS v2 Score 2.7

References

https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
https://www.philips.com/productsecurity
https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
https://www.philips.com/productsecurity

Products affected by CVE-2020-16218

Philips » Patient Information Center Ix » Version: b.02

cpe:2.3:a:philips:patient_information_center_ix:b.02
Philips » Patient Information Center Ix » Version: c.02

cpe:2.3:a:philips:patient_information_center_ix:c.02
Philips » Patient Information Center Ix » Version: c.03

cpe:2.3:a:philips:patient_information_center_ix:c.03

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-16218

Products

Pricing

Contact Us