Vue Pacs Security Vulnerabilities and Issues — Vue Pacs CVE List

PhilipsVue Pacs

9 matches found

CVE•added 2022/04/01 10:17 p.m.•111 views

CVE-2021-33020

CVE-2021-33020 affects Philips Vue PACS family (Vue PACS, Vue MyVue, Vue Speech, Vue Motion; versions 12.2.x.x and prior) where an expired cryptographic key or password weakens security by enlarging the window for cracking the key. The Red Hat and NVD entries, ICS advisory, and related sources co...

8.2CVSS8.2AI score0.00219EPSS

CVE•added 2022/04/01 10:17 p.m.•99 views

CVE-2021-27497

CVE-2021-27497 affects Philips Vue PACS (versions 12.2.x.x and prior). The issue is a Protection Mechanism Failure (CWE-693) allowing remote exploitation with no authentication for high-impact actions (confidentiality, integrity, availability all High). NVD CVSSv3.1 base score 9.8 (AV:N/AC:L/PR:N...

9.8CVSS8AI score0.00239EPSS

CVE•added 2022/04/01 10:17 p.m.•98 views

CVE-2021-27501

CVE-2021-27501 affects Philips Vue PACS and related Vue components (12.2.x.x and earlier). The issue is described as improper adherence to coding standards (CWE-710), which can heighten the severity of other vulnerabilities within the suite. The ICS-CISA advisory catalogs this CWE-710 alongside o...

9.8CVSS8.8AI score0.00216EPSS

CVE•added 2022/04/01 10:17 p.m.•96 views

CVE-2021-33022

CVE-2021-33022 affects Philips Vue PACS family, where sensitive data is transmitted in cleartext over the network. Affected products include Vue PACS versions 12.2.x.x and prior (also related Vue components per ICS-Update). Root cause cited: cleartext transmission of confidential information, ena...

7.5CVSS7.6AI score0.00108EPSS

CVE•added 2022/04/01 10:17 p.m.•95 views

CVE-2021-33018

Vulnerability CVE-2021-33018 affects Philips Vue PACS family (Vue PACS, Vue MyVue, Vue Speech, Vue Motion) up to version 12.2.x.x and earlier, due to use of a broken or risky cryptographic algorithm (CWE-327). The issue could permit exposure of sensitive information. Philips and CISA have issued ...

7.5CVSS7.7AI score0.00108EPSS

CVE•added 2022/04/01 10:17 p.m.•86 views

CVE-2021-33024

CVE-2021-33024 (Philips Vue PACS) affects Vue PACS and related Vue components (12.2.x.x and prior). The vulnerability is described as transmitting or storing authentication credentials using an insecure method susceptible to unauthorized interception and retrieval. Red Hat/ICSMA-21-187-01 and NVD...

7.5CVSS6AI score0.00183EPSS

CVE•added 2022/04/01 10:17 p.m.•74 views

CVE-2021-27493

Summary (CVE-2021-27493): Philips Vue PACS (versions 12.2.x.x and prior) contains a logic/validation issue where structured messages or data are not consistently well-formed before reading from an upstream component or sending to a downstream component. This is documented as improper input valida...

6.5CVSS6.6AI score0.00162EPSS

CVE•added 2022/12/26 12:0 a.m.•67 views

CVE-2021-39369

Philips Vue PACS and Vue MyVue PACS are affected by CVE-2021-39369 via the VideoStream function, which permits path traversal by authenticated users to access files outside the web root. The issue affects Vue PACS/Vue MyVue versions prior to 12.2.x.x. The CVSS base score is 6.5 (Medium) with Conf...

6.5CVSS6.3AI score0.00419EPSS

CVE•added 2024/07/18 4:33 p.m.•32 views

CVE-2023-40704

Philips Vue PACS is affected by CVE-2023-40704 (Use of Default Credentials) as documented in multiple sources. The issue stems from weak password requirements during installation, allowing default credentials to be used and potentially enabling an attacker to access the PACS database, compromisin...

9.8CVSS7.4AI score0.00079EPSS