Lucene search

[email protected]CVE-2020-29165

HistoryFeb 03, 2021 - 1:15 p.m.

CVE-2020-29165

2021-02-0313:15:13

CWE-306

[email protected]

web.nvd.nist.gov

cve-2020-29165

pacsone server

pacs server in one box

incorrect access control

administrator privileges

nvd

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.4%

JSON

PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by incorrect access control, which can result in remotely gaining administrator privileges.

Affected configurations

NVD

Node

rainbowfishsoftwarepacsone_serverRange<7.1.1

CPENameOperatorVersion
rainbowfishsoftware:pacsone_serverrainbowfishsoftware pacsone serverlt7.1.1

CPE	Name	Operator	Version
rainbowfishsoftware:pacsone_server	rainbowfishsoftware pacsone server	lt	7.1.1

References

gist.github.com/leommxj/0a32afeeaac960682c5b7c9ca8ed070d

pacsone.net/download.htm

Social References

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

9.4 High

AI Score

Confidence

High

0.006 Low

EPSS

Percentile

79.4%

JSON

Related for CVE-2020-29165

nvd1 cnvd1 prion1 cvelist1