- Description
- The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 3.3
- Impact score
- 2.9
- Exploitability score
- 6.5
- Vector string
- AV:A/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "F3220AB2-AC0D-4AC2-90D8-76C02FC693EB"
},
{
"criteria": "cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "AE1FB3E9-E269-434A-B1C2-D54C40F437BE"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:philips:efficia_cm:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A4B807A6-AF7D-40EA-902B-BD7E9FDAD22B"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:philips:efficia_cm_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "E7F70312-2F3F-42BB-A809-5F275DE0848D",
"versionEndIncluding": "c.0x",
"versionStartIncluding": "a.01"
},
{
"criteria": "cpe:2.3:o:philips:efficia_cm_firmware:4.0:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "361EA2EB-1860-4C89-B9B5-9C526600B3B0"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]