Browse all 4 CVE security advisories affecting IBM Merge Healthcare. AI-powered Chinese analysis, POCs, and references for each vulnerability.
IBM Merge Healthcare specializes in medical imaging and information technology solutions, primarily serving healthcare providers to streamline diagnostic workflows. Historically, the organization's products have been susceptible to remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and access control flaws. While no major public security incidents have been widely documented, the four CVEs on record highlight persistent security challenges in their software. These vulnerabilities typically expose systems to unauthorized access and data breaches, particularly in environments handling sensitive patient information. The company's integration with healthcare infrastructure necessitates robust security measures to mitigate risks associated with medical device connectivity and data exchange.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-23622 | IBM Merge Healthcare eFilm Workstation License Server CopySLS_Request3 Buffer Overflow — eFilm WorkstationCWE-131 | 10.0 | Critical | 2024-01-25 |
| CVE-2024-23621 | IBM Merge Healthcare eFilm Workstation License Server Buffer Overflow — eFilm WorkstationCWE-131 | 10.0 | Critical | 2024-01-25 |
| CVE-2024-23620 | IBM Merge Healthcare eFilm Workstation SYSTEM Privilege Escalation — eFilm WorkstationCWE-269 | 8.8 | High | 2024-01-25 |
| CVE-2024-23619 | IBM Merge Healthcare eFilm Workstation Hardcoded Credentials — eFilm Workstation CWE-798 | 9.8 | Critical | 2024-01-25 |
This page lists every published CVE security advisory associated with IBM Merge Healthcare. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.