CVE-2023-39227

Softneta MedDream PACSstores usernames and passwords in plaintext. The plaintext storage could be abused by attackers to leak legitimate users credentials.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.1 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
icscertCNA
6.1 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 25%
VendorProductVersion
softnetameddream_pacs
𝑥
≤ 7.2.8.810
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-248-01
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-248-01