Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Efficia CM Series by Philips

    CVE-2021-43550 (GCVE-0-2021-43550)

    Vulnerability from nvd – Published: 2021-12-27 18:48 – Updated: 2024-09-16 19:00
    VLAI
    Title
    Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm
    Summary
    The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    References
    Impacted products
    Vendor Product Version
    Philips Efficia CM Series Affected: 4.0
    Affected: A.01 , ≤ C.0x (custom)
    Create a notification for this product.
    Philips Patient Information Center iX (PIC iX) Affected: C.02
    Affected: C.03
    Create a notification for this product.
    Date Public
    2021-11-18 00:00
    Credits
    Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:03:08.513Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Efficia CM Series",
              "vendor": "Philips",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.0"
                },
                {
                  "lessThanOrEqual": "C.0x",
                  "status": "affected",
                  "version": "A.01",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Patient Information Center iX (PIC iX)",
              "vendor": "Philips",
              "versions": [
                {
                  "status": "affected",
                  "version": "C.02"
                },
                {
                  "status": "affected",
                  "version": "C.03"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
            }
          ],
          "datePublic": "2021-11-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-27T18:48:23.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
            }
          ],
          "source": {
            "advisory": "ICSMA-21-322-02",
            "discovery": "UNKNOWN"
          },
          "title": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-11-18T15:34:00.000Z",
              "ID": "CVE-2021-43550",
              "STATE": "PUBLIC",
              "TITLE": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Efficia CM Series",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "A.01",
                                "version_value": "C.0x"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "4.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Patient Information Center iX (PIC iX)",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "C.02"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "C.03"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Philips"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
                }
              ]
            },
            "solution": [
              {
                "lang": "en"
              }
            ],
            "source": {
              "advisory": "ICSMA-21-322-02",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-43550",
        "datePublished": "2021-12-27T18:48:23.613Z",
        "dateReserved": "2021-11-08T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:00:27.450Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2021-43550 (GCVE-0-2021-43550)

    Vulnerability from cvelistv5 – Published: 2021-12-27 18:48 – Updated: 2024-09-16 19:00
    VLAI
    Title
    Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm
    Summary
    The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
    CWE
    • CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
    Assigner
    References
    Impacted products
    Vendor Product Version
    Philips Efficia CM Series Affected: 4.0
    Affected: A.01 , ≤ C.0x (custom)
    Create a notification for this product.
    Philips Patient Information Center iX (PIC iX) Affected: C.02
    Affected: C.03
    Create a notification for this product.
    Date Public
    2021-11-18 00:00
    Credits
    Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T04:03:08.513Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Efficia CM Series",
              "vendor": "Philips",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.0"
                },
                {
                  "lessThanOrEqual": "C.0x",
                  "status": "affected",
                  "version": "A.01",
                  "versionType": "custom"
                }
              ]
            },
            {
              "product": "Patient Information Center iX (PIC iX)",
              "vendor": "Philips",
              "versions": [
                {
                  "status": "affected",
                  "version": "C.02"
                },
                {
                  "status": "affected",
                  "version": "C.03"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
            }
          ],
          "datePublic": "2021-11-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-327",
                  "description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-12-27T18:48:23.000Z",
            "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
            "shortName": "icscert"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
            }
          ],
          "source": {
            "advisory": "ICSMA-21-322-02",
            "discovery": "UNKNOWN"
          },
          "title": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm",
          "x_generator": {
            "engine": "Vulnogram 0.0.9"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "ics-cert@hq.dhs.gov",
              "DATE_PUBLIC": "2021-11-18T15:34:00.000Z",
              "ID": "CVE-2021-43550",
              "STATE": "PUBLIC",
              "TITLE": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Efficia CM Series",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "\u003c=",
                                "version_name": "A.01",
                                "version_value": "C.0x"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "4.0"
                              }
                            ]
                          }
                        },
                        {
                          "product_name": "Patient Information Center iX (PIC iX)",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "C.02"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "C.03"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Philips"
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0."
                }
              ]
            },
            "generator": {
              "engine": "Vulnogram 0.0.9"
            },
            "impact": {
              "cvss": {
                "attackComplexity": "HIGH",
                "attackVector": "ADJACENT_NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 5.9,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
                "version": "3.1"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02",
                  "refsource": "MISC",
                  "url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
                }
              ]
            },
            "solution": [
              {
                "lang": "en"
              }
            ],
            "source": {
              "advisory": "ICSMA-21-322-02",
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "assignerShortName": "icscert",
        "cveId": "CVE-2021-43550",
        "datePublished": "2021-12-27T18:48:23.613Z",
        "dateReserved": "2021-11-08T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:00:27.450Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }