CVE-2020-16198

MEDIUM

Philips Clinical Collaboration Platform <12.2.1 - Info Disclosure

Title source: llm

Description

When an attacker claims to have a given identity, Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not prove or insufficiently proves the claim is correct.

References (2)

[Various Sources] https://www.philips.com/a-w/security/security-advisories/product-security-2020.html#2020_archive

[Third Party Advisory, US Government Resource] https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01

Scores

CVSS v3 5.0

EPSS 0.0004

EPSS Percentile 10.5%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Classification

CWE

CWE-693

Status published

Affected Products (1)

philips/clinical_collaboration_platform < 12.2.1

Timeline

Published Sep 18, 2020

Tracked Since Feb 18, 2026