CVE-2020-14506

Published: Sep 18, 2020Modified: Jun 17, 2026

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

Exploitability: 2.8 / Impact: 1.4

Source: NVD

Description

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly.

Affected (1)

Products: Philips: Clinical Collaboration Platform

Philips

1 product

Clinical Collaboration Platform

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Philips Clinical Collaboration Platform	Up to 12.2.1

Related CWEs

CWE-352

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (3)

https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01

Source: ics-cert@hq.dhs.gov

Third Party AdvisoryUS Government Resource

https://www.philips.com/a-w/security/security-advisories/product-security-2020.html#2020_archive

Source: ics-cert@hq.dhs.gov

https://us-cert.cisa.gov/ics/advisories/icsma-20-261-01

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryUS Government Resource

Timeline

No history available yet.