An unauthenticated attacker can read worklist records from a directory outside the intended per-AE worklist storage area. In a multi-area deployment, this can cross departmental or clinic data separation.
Credits
Abhinav Agarwal reported this vulnerability to CISA.