Is CVE-2021-32966 actively exploited?

CVE-2021-32966 has no public evidence of in-the-wild exploitation as of 2024-11-21.

What is the CVSS score for CVE-2021-32966?

CVE-2021-32966 has a CVSS score of 3.7 (LOW severity). Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N.

How do I patch CVE-2021-32966?

Patch guidance is available from philips security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2021-32966.

CVE-2021-32966 - remediation guidance & executive summary

Q: Which products are affected by CVE-2021-32966?

2 products: philips interoperability solution xds, philips interoperability solution xds.

Description

Philips Interoperability Solution XDS versions 2.5 through 3.11 and 2018-1 through 2021-1 are vulnerable to clear text transmission of sensitive information when configured to use LDAP via TLS and where the domain controller returns LDAP referrals, which may allow an attacker to remotely read LDAP system credentials.

CVSS Metrics

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector: network
Complexity: high
Privileges: none
User Action: none
Scope: unchanged
Confidentiality: low
Integrity: none
Availability: none
Weaknesses: CWE-319

Metadata

Primary Vendor: PHILIPS
Published: 5/25/2022
Last Modified: 11/21/2024
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.

Affected Products

philips : interoperability_solution_xdsphilips : interoperability_solution_xds

Remediation Guidance

Executive Summary

Cite this page

CVE-2021-32966. CVEDatabase.com. Retrieved 1 May 2026. https://cvedatabase.com/cve/CVE-2021-32966

View on NIST NVD

CVE-2021-32966 vulnerability