CVE-2022-38765 Information

Dec 09, 2022 cve

Description

Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter.

Reference

https://www.vitalimages.com/customer-success-support-program/vital-images-software-security-updates/

Share on: