CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-39369

In Philips (formerly Carestream) Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Traversal by authenticated users to access files stored outside of the web root.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 51.6%

CVSS Severity

CVSS v3 Score 6.5

References

https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01
https://www.usa.philips.com/healthcare
https://www.youtube.com/watch?v=7zC84TNpIxw
https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01
https://www.usa.philips.com/healthcare
https://www.youtube.com/watch?v=7zC84TNpIxw

Products affected by CVE-2021-39369

Philips » Myvue » Version: N/A

cpe:2.3:a:philips:myvue:-
Philips » Speech » Version: N/A

cpe:2.3:a:philips:speech:-
Philips » Vue Motion » Version: 12.2.1.5

cpe:2.3:a:philips:vue_motion:12.2.1.5
Philips » Vue Pacs » Version: N/A

cpe:2.3:a:philips:vue_pacs:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-39369

Products

Pricing

Contact Us