Description
Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation.
Published: 2026-06-30
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Analysis and contextual insights are available on OpenCVE Cloud.

Remediation

Vendor Solution

Update HQM ISO to version 1.2.13 or later, or update QueueHttp.dll to version 1.2.12.7 or later.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 01 Jul 2026 10:30:00 +0000

Type Values Removed Values Added
First Time appeared Advantech
Advantech hospital Quering Management
Vendors & Products Advantech
Advantech hospital Quering Management

Tue, 30 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Tue, 30 Jun 2026 11:45:00 +0000

Type Values Removed Values Added
Description Hospital Queuing Management developed by Advantech has a Sensitive Data Exposure vulnerability, allowing unauthenticated remote attackers to access a specific URL to obtain API documentation.
Title Advantech|Hospital Quering Management - Missing Authentication
Weaknesses CWE-306
References
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 9.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


Subscriptions

Advantech Hospital Quering Management
cve-icon MITRE

Status: PUBLISHED

Assigner: twcert

Published:

Updated: 2026-06-30T12:25:08.646Z

Reserved: 2026-06-30T02:02:24.547Z

Link: CVE-2026-14162

cve-icon Vulnrichment

Updated: 2026-06-30T12:25:05.341Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-01T10:01:59Z

Weaknesses