CVE-2020-14477
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
26/06/2020
Last modified:
04/06/2025
Description
In Philips Ultrasound ClearVue Versions 3.2 and prior, Ultrasound CX Versions 5.0.2 and prior, Ultrasound EPIQ/Affiniti Versions VM5.0 and prior, Ultrasound Sparq Version 3.0.2 and prior and Ultrasound Xperius all versions, an attacker may use an alternate path or channel that does not require authentication of the alternate service login to view or modify information.
Impact
Base Score 3.x
3.60
Severity 3.x
LOW
Base Score 2.0
3.60
Severity 2.0
LOW
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:philips:clearvue_850_firmware:*:*:*:*:*:*:*:* | 3.2 (including) | |
| cpe:2.3:h:philips:clearvue_850:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:clearvue_350_firmware:*:*:*:*:*:*:*:* | 3.2 (including) | |
| cpe:2.3:h:philips:clearvue_350:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:cx50_firmware:5.0.2:*:*:*:*:*:*:* | ||
| cpe:2.3:h:philips:cx50:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:affiniti_70_firmware:*:*:*:*:*:*:*:* | 5.0 (including) | |
| cpe:2.3:h:philips:affiniti_70:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:affiniti_50_firmware:*:*:*:*:*:*:*:* | 5.0 (including) | |
| cpe:2.3:h:philips:affiniti_50:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:epiq_7_firmware:*:*:*:*:*:*:*:* | 5.0 (including) | |
| cpe:2.3:h:philips:epiq_7:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:sparq_firmware:*:*:*:*:*:*:*:* | 3.0.2 (including) | |
| cpe:2.3:h:philips:sparq:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:philips:xperius_firmware:*:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page