Overview
- Description
- The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.3
- Impact score
- 2.9
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:P/I:N/A:N
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3220AB2-AC0D-4AC2-90D8-76C02FC693EB"
},
{
"criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE1FB3E9-E269-434A-B1C2-D54C40F437BE"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:philips:efficia_cm:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A4B807A6-AF7D-40EA-902B-BD7E9FDAD22B"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:philips:efficia_cm_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7F70312-2F3F-42BB-A809-5F275DE0848D",
"versionEndIncluding": "c.0x",
"versionStartIncluding": "a.01"
},
{
"criteria": "cpe:2.3:o:philips:efficia_cm_firmware:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "361EA2EB-1860-4C89-B9B5-9C526600B3B0"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]