GHSA-vh9f-gm3f-x483

Опубликовано: 18 июл. 2024

Источник: github

Github: Не прошло ревью

CVSS4: 8.4

CVSS3: 7.1

Описание

Philips Vue PACS uses default credentials for potentially critical functionality.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2023-40704
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01
http://www.philips.com/productsecurity

EPSS

Процентиль: 23%

0.00079

Низкий

8.4 High

CVSS4

7.1 High

CVSS3

CVE ID

CVE-2023-40704

Дефекты

CWE-1392

Связанные уязвимости

CVE-2023-40704

CVSS3: 6.8

nvd

больше 1 года назад

The product does not require unique and complex passwords to be created during installation. Using Philips's default password could jeopardize the PACS system if the password was hacked or leaked. An attacker could gain access to the database impacting system availability and data integrity.

EPSS

Процентиль: 23%

0.00079

Низкий

8.4 High

CVSS4

7.1 High

CVSS3

CVE ID

CVE-2023-40704

Дефекты

CWE-1392