Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Philips ISCV application prior to version 2.3.0 has an insufficient session expiration vulnerability where an attacker could reuse the session of a previously logged in user. This vulnerability exists when using ISCV together with an Electronic Medical Record (EMR) system, where ISCV is in KIOSK mode for multiple users and using Windows authentication. This may allow an attacker to gain unauthorized access to patient health information and potentially modify this information.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Philips IntelliSpace Cardiovascular 安全漏洞
Vulnerability Description
Philips IntelliSpace Cardiovascular是荷兰飞利浦(Philips)公司的一套心血管图像信息管理系统。该系统提供对回声影像的查看,并为医生提供单点访问功能。 Philips IntelliSpace Cardiovascular 2.3.0及之前版本中存在安全漏洞。本地攻击者可通过使用之前登录用户的会话利用该漏洞获取病人健康信息的访问权限并可能更改该信息。
CVSS Information
N/A
Vulnerability Type
N/A