cvedb.io
CVE-2022-38765
MEDIUM · CVSS 6.5
EPSS exploitation probability: 0%
Published 2022-12-09T00:15:10.063 · Last modified 2026-06-17T04:57:07.673

Summary

Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter.

Affected products

canon — vitrea_view

Does this affect you?

Add your gear to cvedb and we'll alert you only when canon ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.