This page lists publicly disclosed CVE vulnerabilities affecting philips clinical_collaboration_platform (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2025-27955 | Clinical Collaboration Platform 12.2.1.5 has a weak logout system where the session token remains valid after logout and allows a remote attacker to obtain sensitive information and execute arbitrary code. | [email protected] | 6.5 | 0.63% | 2025-06-02 | 2025-06-13 |
| CVE-2025-27954 | An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the usertoken function of default.aspx. | [email protected] | 6.5 | 0.64% | 2025-06-02 | 2025-06-13 |
| CVE-2025-27953 | An issue in Clinical Collaboration Platform 12.2.1.5 allows a remote attacker to obtain sensitive information and execute arbitrary code via the session management component. | [email protected] | 6.5 | 0.56% | 2025-06-02 | 2025-06-13 |
| CVE-2020-16247 | Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource. | [email protected] | 6.8 | 0.04% | 2020-09-18 | 2025-06-04 |
| CVE-2020-16200 | Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not properly control the allocation and maintenance of a limited resource, thereby enabling an attacker to influence the amount of resources consumed, eventually leading to the exhaustion of available resources. | [email protected] | 6.5 | 0.06% | 2020-09-18 | 2025-06-04 |
| CVE-2020-16198 | When an attacker claims to have a given identity, Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not prove or insufficiently proves the claim is correct. | [email protected] | 5.0 | 0.04% | 2020-09-18 | 2025-06-04 |
| CVE-2020-14525 | Philips Clinical Collaboration Platform, Versions 12.2.1 and prior, does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output used as a webpage that is served to other users. | [email protected] | 3.5 | 0.06% | 2020-09-18 | 2025-06-04 |
| CVE-2020-14506 | Philips Clinical Collaboration Platform, Versions 12.2.1 and prior. The product receives input or data, but it does not validate or incorrectly validates that the input has the properties required to process the data safely and correctly. | [email protected] | 3.4 | 0.03% | 2020-09-18 | 2025-06-04 |