![]() In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version A.01, when an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct.ĬVE-2020-16222 has been assigned to this vulnerability. A CVSS v3.1 base score of 3.5 has been calculated the CVSS vector string is ( AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N). Successful exploitation could lead to unauthorized access to patient data via a read-only web application.ĬVE-2020-16218 has been assigned to this vulnerability. In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is then used as a webpage and served to other users. A CVSS v3.1 base score of 4.2 has been calculated the CVSS vector string is ( AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N).ģ.2.2 IMPROPER NEUTRALIZATION OF INPUT DURING WEB PAGE GENERATION ('CROSS-SITE SCRIPTING') CWE-79 In Patient Information Center iX (PICiX) Versions B.02, C.02, C.03, the software saves user-provided information into a comma-separated value (CSV) file, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as a command when the file is opened by spreadsheet software.ĬVE-2020-16214 has been assigned to this vulnerability. IntelliVue X3 and X2: Versions N and priorģ.2.1 IMPROPER NEUTRALIZATION OF FORMULA ELEMENTS IN A CSV FILE CWE-1236.IntelliVue patient monitors MX100, MX400-MX850, and MP2-MP90: Versions N and prior.PerformanceBridge Focal Point: Version A.01. ![]() ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |