Clinical Collaboration Platform Security Vulnerabilities and Issues — Clinical Collaboration Platform CVE List

PhilipsClinical Collaboration Platform

8 matches found

CVE•added 2025/06/02 12:0 a.m.•57 views

CVE-2025-27953

CVE-2025-27953 affects Carestream Health Clinical Collaboration Platform 12.2.1.5. The issue is in the session management component and enables a remote attacker to obtain sensitive information and execute arbitrary code. Documents provide no concrete exploit vectors or patch/version fix details;...

6.5CVSS7.2AI score0.00561EPSS

CVE•added 2025/06/02 12:0 a.m.•53 views

CVE-2025-27954

CVE-2025-27954 concerns Carestream Health’s Clinical Collaboration Platform, version 12.2.1.5. The defect is linked to the utoken function within default.aspx , which the description attributes to allow a remote attacker to both obtain sensitive information and execute arbitrary code. The connect...

6.5CVSS7.4AI score0.00638EPSS

CVE•added 2025/06/02 12:0 a.m.•53 views

CVE-2025-27955

The CVE-2025-27955 entry concerns Carestream Health’s Clinical Collaboration Platform v12.2.1.5. A weak logout system leaves the session token valid after logout, enabling a remote attacker to access sensitive information and potentially execute arbitrary code. Affected software: Clinical Collabo...

6.5CVSS7AI score0.00634EPSS

CVE•added 2020/09/18 5:53 p.m.•44 views

CVE-2020-16200

Philips Clinical Collaboration Platform, versions 12.2.1 and earlier, is affected by CVE-2020-16200 (Algorithm Downgrade). The vulnerability stems from improper control of limited resources, enabling an attacker to influence resource consumption and exhaust availability (impact: HIGH). The root c...

6.5CVSS6.6AI score0.00057EPSS

CVE•added 2020/09/18 5:50 p.m.•40 views

CVE-2020-16198

Philips Clinical Collaboration Platform (HMI data management) versions 12.2.1 and earlier are affected by CVE-2020-16198. The root cause is insufficient verification of claimed identities, i.e., aProtection Mechanism Failure that does not adequately prove identity. Mitigations include Philips pat...

6.3CVSS5.8AI score0.00036EPSS

CVE•added 2020/09/18 5:46 p.m.•37 views

CVE-2020-14506

CVE-2020-14506 affects Philips Clinical Collaboration Platform (versions 12.2.1 and prior). The issue is a CSRF vulnerability stemming from improper input validation, allowing non-validated input to be used in processing and potentially enabling unauthorized actions when a user is authenticated. ...

4.3CVSS4.1AI score0.00034EPSS

CVE•added 2020/09/18 5:55 p.m.•35 views

CVE-2020-16247

The CVE-2020-16247 vulnerability affects Philips Clinical Collaboration Platform (rebranded as Philips Clinical Collaboration Platform; affected versions 12.2.1 and prior). The root cause is Improper Access Control: the product exposes a resource to the wrong control sphere, allowing unintended a...

7.1CVSS6.7AI score0.00044EPSS

CVE•added 2020/09/18 5:48 p.m.•33 views

CVE-2020-14525

CVE-2020-14525 affects Philips Clinical Collaboration Platform (versions 12.2.1 and earlier). The vulnerability stems from improper neutralization of user-controllable input in output used as a webpage, i.e., an input validation/escaping issue (CWE-83) that could render user-supplied data in HTML...

3.5CVSS4.3AI score0.00076EPSS