Search criteria
2 vulnerabilities found for Efficia CM Series by Philips
CVE-2021-43550 (GCVE-0-2021-43550)
Vulnerability from cvelistv5 – Published: 2021-12-27 18:48 – Updated: 2024-09-16 19:00
VLAI?
Summary
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
Severity ?
5.9 (Medium)
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Philips | Efficia CM Series |
Affected:
4.0
Affected: A.01 , ≤ C.0x (custom) |
|||||||
|
|||||||||
Credits
Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:03:08.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Efficia CM Series",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "4.0"
},
{
"lessThanOrEqual": "C.0x",
"status": "affected",
"version": "A.01",
"versionType": "custom"
}
]
},
{
"product": "Patient Information Center iX (PIC iX)",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
}
],
"datePublic": "2021-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:48:23",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
}
],
"source": {
"advisory": "ICSMA-21-322-02",
"discovery": "UNKNOWN"
},
"title": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-11-18T15:34:00.000Z",
"ID": "CVE-2021-43550",
"STATE": "PUBLIC",
"TITLE": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Efficia CM Series",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "A.01",
"version_value": "C.0x"
},
{
"version_affected": "=",
"version_value": "4.0"
}
]
}
},
{
"product_name": "Patient Information Center iX (PIC iX)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "C.02"
},
{
"version_affected": "=",
"version_value": "C.03"
}
]
}
}
]
},
"vendor_name": "Philips"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
}
]
},
"solution": [
{
"lang": "en"
}
],
"source": {
"advisory": "ICSMA-21-322-02",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-43550",
"datePublished": "2021-12-27T18:48:23.613762Z",
"dateReserved": "2021-11-08T00:00:00",
"dateUpdated": "2024-09-16T19:00:27.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-43550 (GCVE-0-2021-43550)
Vulnerability from nvd – Published: 2021-12-27 18:48 – Updated: 2024-09-16 19:00
VLAI?
Summary
The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0.
Severity ?
5.9 (Medium)
CWE
- CWE-327 - Use of a Broken or Risky Cryptographic Algorithm
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||
|---|---|---|---|---|---|---|---|---|---|
| Philips | Efficia CM Series |
Affected:
4.0
Affected: A.01 , ≤ C.0x (custom) |
|||||||
|
|||||||||
Credits
Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T04:03:08.513Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Efficia CM Series",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "4.0"
},
{
"lessThanOrEqual": "C.0x",
"status": "affected",
"version": "A.01",
"versionType": "custom"
}
]
},
{
"product": "Patient Information Center iX (PIC iX)",
"vendor": "Philips",
"versions": [
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
}
],
"datePublic": "2021-11-18T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-12-27T18:48:23",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
}
],
"source": {
"advisory": "ICSMA-21-322-02",
"discovery": "UNKNOWN"
},
"title": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "ics-cert@hq.dhs.gov",
"DATE_PUBLIC": "2021-11-18T15:34:00.000Z",
"ID": "CVE-2021-43550",
"STATE": "PUBLIC",
"TITLE": "Philips Patient Information Center iX (PIC iX) and Efficia CM Series Use of a Broken or Risky Cryptographic Algorithm"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Efficia CM Series",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "A.01",
"version_value": "C.0x"
},
{
"version_affected": "=",
"version_value": "4.0"
}
]
}
},
{
"product_name": "Patient Information Center iX (PIC iX)",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "C.02"
},
{
"version_affected": "=",
"version_value": "C.03"
}
]
}
}
]
},
"vendor_name": "Philips"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Younes Dragoni, Andrea Palanca and Ivan Speziale of Nozomi Networks"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The use of a broken or risky cryptographic algorithm is an unnecessary risk that may result in the exposure of sensitive information, which affects the communications between Patient Information Center iX (PIC iX) Versions C.02 and C.03 and Efficia CM Series Revisions A.01 to C.0x and 4.0."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:L/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02",
"refsource": "MISC",
"url": "https://www.cisa.gov/uscert/ics/advisories/icsma-21-322-02"
}
]
},
"solution": [
{
"lang": "en"
}
],
"source": {
"advisory": "ICSMA-21-322-02",
"discovery": "UNKNOWN"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2021-43550",
"datePublished": "2021-12-27T18:48:23.613762Z",
"dateReserved": "2021-11-08T00:00:00",
"dateUpdated": "2024-09-16T19:00:27.450Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}