Skip to main content

Clinical Collaboration Platform

8 CVEs product

Monthly

CVE-2025-27955 MEDIUM This Month

Clinical Collaboration Platform 12.2.1.5 has a weak logout system where the session token remains valid after logout and allows a remote attacker to obtain sensitive information and execute arbitrary code.

RCE Clinical Collaboration Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-27954 MEDIUM This Month

An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the usertoken function of default.aspx.

RCE Command Injection Clinical Collaboration Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-27953 MEDIUM This Month

An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the session management component.

RCE Command Injection Clinical Collaboration Platform
NVD GitHub
CVSS 3.1
6.5
EPSS
0.2%
CVE-2020-16247 HIGH This Week

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Clinical Collaboration Platform
NVD
CVSS 3.1
7.1
EPSS
0.4%
CVE-2020-16200 MEDIUM This Month

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not properly control the allocation and maintenance of a limited resource, thereby enabling an attacker to influence the. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Clinical Collaboration Platform
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2020-16198 MEDIUM This Month

When an attacker claims to have a given identity, Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not prove or insufficiently proves the claim is correct. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Clinical Collaboration Platform
NVD
CVSS 3.1
6.3
EPSS
0.6%
CVE-2020-14525 LOW Monitor

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a webpage that is. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Clinical Collaboration Platform
NVD
CVSS 3.1
3.5
EPSS
0.5%
CVE-2020-14506 MEDIUM This Month

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Clinical Collaboration Platform
NVD
CVSS 3.1
4.3
EPSS
0.3%
EPSS 0% CVSS 6.5
MEDIUM This Month

Clinical Collaboration Platform 12.2.1.5 has a weak logout system where the session token remains valid after logout and allows a remote attacker to obtain sensitive information and execute arbitrary code.

RCE Clinical Collaboration Platform
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the usertoken function of default.aspx.

RCE Command Injection Clinical Collaboration Platform
NVD GitHub
EPSS 0% CVSS 6.5
MEDIUM This Month

An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the session management component.

RCE Command Injection Clinical Collaboration Platform
NVD GitHub
EPSS 0% CVSS 7.1
HIGH This Week

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. Rated high severity (CVSS 7.1), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Clinical Collaboration Platform
NVD
EPSS 1% CVSS 6.5
MEDIUM This Month

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not properly control the allocation and maintenance of a limited resource, thereby enabling an attacker to influence the. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Clinical Collaboration Platform
NVD
EPSS 1% CVSS 6.3
MEDIUM This Month

When an attacker claims to have a given identity, Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not prove or insufficiently proves the claim is correct. Rated medium severity (CVSS 6.3), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Clinical Collaboration Platform
NVD
EPSS 0% CVSS 3.5
LOW Monitor

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a webpage that is. Rated low severity (CVSS 3.5), this vulnerability is low attack complexity. No vendor patch available.

Information Disclosure Clinical Collaboration Platform
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

CSRF Clinical Collaboration Platform
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy