8.8

CVE-2020-16222

Philips Patient Monitoring Devices Improper Authentication

In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and 
PerformanceBridge Focal Point Version A.01, when an actor claims to have
 a given identity, the software does not prove or insufficiently proves 
the claim is correct.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.55% 0.418
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 8.8 2.8 5.9
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov 5.8 6.5 6.4
AV:A/AC:L/Au:N/C:P/I:P/A:P
CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

https://us-cert.cisa.gov/ics/advisories/icsma-20-254-01
Third Party Advisory
US Government Resource
https://www.philips.com/productsecurity