CVE-2021-27493 — Vulnetix

CVE-2021-27493 PUBLISHED CVSS 6.099999904632568 MEDIUM

Philips Vue PACS versions 12.2.x.x and prior does not ensure or incorrectly ensures structured messages or data are well formed and that certain security properties are met before being read from an upstream component or sent to a downstream component.

EPSS 0.16% · 36.8th percentile

Risk Scores

CVSS v3.1

6.099999904632568

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS Score

0.16%

36.8th percentile

Affected Products

Vendor	Product	Versions
Philips	Vue PACS	unspecified
philips	vue_motion	0
Philips	Vue Speech	*
Philips	Vue MyVue	unspecified
Philips	Vue Motion	*
philips	vue_pacs	0
philips	myvue	0
philips	speech	0

Timeline

Apr 1, 2022 CVE Published
Apr 2, 2022 EPSS Score
Apr 2, 2022 PoC Published
May 23, 2022 EPSS Score
Jul 12, 2022 EPSS Score
Sep 2, 2022 EPSS Score
Oct 22, 2022 EPSS Score
Dec 12, 2022 EPSS Score
Jan 31, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 23, 2023 EPSS Score
May 12, 2023 EPSS Score

References

https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01 url
http://www.philips.com/productsecurity url
https://nvd.nist.gov/vuln/detail/CVE-2021-27493 advisory

Open in Interactive Console →