Vulnerabilities > Philips > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-05-04 | CVE-2018-8857 | Use of Hard-coded Credentials vulnerability in Philips products Philips Brilliance CT software (Brilliance 64 version 2.6.2 and prior, Brilliance iCT versions 4.1.6 and prior, Brillance iCT SP versions 3.2.4 and prior, and Brilliance CT Big Bore 2.3.5 and prior) contains fixed credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. | 7.8 |
| 2018-05-04 | CVE-2018-8853 | Improper Privilege Management vulnerability in Philips products Philips Brilliance CT devices operate user functions from within a contained kiosk in a Microsoft Windows operating system. | 8.8 |
| 2018-04-24 | CVE-2017-9654 | Insufficiently Protected Credentials vulnerability in Philips Dosewise 1.1.7.333/2.1.1.3069 The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. | 8.8 |
| 2018-03-26 | CVE-2018-5470 | Untrusted Search Path vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges. | 7.8 |
| 2018-03-26 | CVE-2018-5466 | Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a self-signed SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information. | 7.5 |
| 2018-03-26 | CVE-2018-5464 | Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an untrusted SSL certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information. | 7.5 |
| 2018-03-26 | CVE-2018-5462 | Improper Certificate Validation vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an SSL incorrect hostname certificate vulnerability this could allow an attacker to gain unauthorized access to resources and information. | 7.5 |
| 2018-03-26 | CVE-2018-5458 | Use of a Broken or Risky Cryptographic Algorithm vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability using SSL legacy encryption that could allow an attacker to gain unauthorized access to resources and information. | 7.5 |
| 2018-03-26 | CVE-2018-5454 | Unspecified vulnerability in Philips Intellispace Portal 8.0/9.0 Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have a vulnerability where code debugging methods are enabled, which could allow an attacker to remotely execute arbitrary code during runtime. | 8.1 |
| 2017-11-17 | CVE-2017-14111 | Insufficiently Protected Credentials vulnerability in Philips Intellispace Cardiovascular and Xcelera The workstation logging function in Philips IntelliSpace Cardiovascular (ISCV) 2.3.0 and earlier and Xcelera R4.1L1 and earlier records domain authentication credentials, which if accessed allows an attacker to use credentials to access the application, or other user entitlements. | 7.2 |