CVE-2018-17906
19.11.2018, 20:29
Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system.Enginsight
| Vendor | Product | Version |
|---|---|---|
| philips | intellispace_pacs | * |
| philips | isite_pacs | * |
𝑥
= Vulnerable software versions
Common Weakness Enumeration
- CWE-521 - Weak Password RequirementsThe product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.
- CWE-306 - Missing Authentication for Critical FunctionThe product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.