CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
AI Score
Confidence
High
EPSS
Percentile
10.4%
In Patient Information Center iX (PICiX) Versions C.02 and C.03,
PerformanceBridge Focal Point Version A.01, IntelliVue patient monitors
MX100, MX400-MX550, MX750, MX850, and IntelliVue X3 Versions N and
prior, the software does not check or incorrectly checks the revocation
status of a certificate, which may cause it to use a compromised
certificate.
Vendor | Product | Version | CPE |
---|---|---|---|
philips | patient_information_center_ix | b.02 | cpe:2.3:a:philips:patient_information_center_ix:b.02:*:*:*:*:*:*:* |
philips | patient_information_center_ix | c.02 | cpe:2.3:a:philips:patient_information_center_ix:c.02:*:*:*:*:*:*:* |
philips | patient_information_center_ix | c.03 | cpe:2.3:a:philips:patient_information_center_ix:c.03:*:*:*:*:*:*:* |
philips | performancebridge_focal_point | a.01 | cpe:2.3:a:philips:performancebridge_focal_point:a.01:*:*:*:*:*:*:* |
philips | intellivue_mp2-mp90_firmware | - | cpe:2.3:o:philips:intellivue_mp2-mp90_firmware:-:*:*:*:*:*:*:* |
philips | intellivue_mp2-mp90 | n | cpe:2.3:h:philips:intellivue_mp2-mp90:n:*:*:*:*:*:*:* |
philips | intellivue_mx100_firmware | - | cpe:2.3:o:philips:intellivue_mx100_firmware:-:*:*:*:*:*:*:* |
philips | intellivue_mx100 | - | cpe:2.3:h:philips:intellivue_mx100:-:*:*:*:*:*:*:* |
philips | intellivue_mx400_firmware | - | cpe:2.3:o:philips:intellivue_mx400_firmware:-:*:*:*:*:*:*:* |
philips | intellivue_mx400 | - | cpe:2.3:h:philips:intellivue_mx400:-:*:*:*:*:*:*:* |
[
{
"defaultStatus": "unaffected",
"product": "Patient Information Center iX (PICiX)",
"vendor": "Philips ",
"versions": [
{
"status": "affected",
"version": "C.02"
},
{
"status": "affected",
"version": "C.03"
}
]
},
{
"defaultStatus": "unaffected",
"product": "PerformanceBridge Focal Point",
"vendor": "Philips ",
"versions": [
{
"status": "affected",
"version": "A.01"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IntelliVue patient monitors",
"vendor": "Philips ",
"versions": [
{
"status": "affected",
"version": "MX100"
},
{
"status": "affected",
"version": "MX400-MX550"
},
{
"status": "affected",
"version": "MX750"
},
{
"status": "affected",
"version": "MX850"
}
]
},
{
"defaultStatus": "unaffected",
"product": "IntelliVue X3",
"vendor": "Philips ",
"versions": [
{
"lessThanOrEqual": "N ",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
]
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:A/AC:L/Au:S/C:P/I:P/A:P
CVSS3
Attack Vector
ADJACENT
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
AI Score
Confidence
High
EPSS
Percentile
10.4%