Philips—Systems Using Apache HTTP Server: May Have Cybersecurity Vulnerabilities
December 15, 2021 | Strategic Insights for Health System
ECRI's complete weekly summary of medical device hazard and recall information is available in ECRI's Health Device Alerts. For more information contact us at firstname.lastname@example.org.
Problem:In a December 10, 2021, Security Advisory, Philips states that it is monitoring developments and updates related to recently released reports that confirm an active exploitation of a previously fixed server-side request forgery vulnerability (CVE-2021-40438) in Apache's HTTP Server. The vulnerability affects HTTP Server versions 2.4.48 and earlier. The manufacturer has not confirmed the...