14 matches found
EUVD-2017-18587
Malware in sbrugna...
EUVD-2017-18585
Malware in sbrugna...
CVE-2017-9656
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevate...
Code injection
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N...
CVE-2017-9656
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevate...
CVE-2017-9654
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N...
CVE-2017-9654
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N...
CVE-2017-9654
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N...
Hardcoded credentials
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevate...
CVE-2017-9656
The backend database of the Philips DoseWise Portal application versions 1.1.7.333 and 2.1.1.3069 uses hard-coded credentials for a database account with privileges that can affect confidentiality, integrity, and availability of the database. For an attacker to exploit this vulnerability, elevate...
CVE-2017-9656
This CVE (CVE-2017-9656) affects Philips DoseWise Portal (DWP) Backend DB credentials in versions 1.1.7.333 and 2.1.1.3069. The root cause is hard-coded credentials in backend system files, granting a database account with privileges that can affect confidentiality, integrity, and availability. E...
Philips' DoseWise Portal Plaintext Storage Vulnerability
Philips' DoseWise Portal is a web-based reporting and tracking tool for radiation exposure. A plaintext storage vulnerability exists in Philips' DoseWise Portal. An attacker obtains text web application store login credentials in a back-end system file...
Philips' DoseWise Portal Hardcoding Vulnerability
Philips' DoseWise Portal is a web-based reporting and tracking tool for radiation exposure. A hard-coded vulnerability exists in Philips' DoseWise Portal. An attacker exploiting this vulnerability would first require elevated privileges in order for the attacker to access web application back-end...
ICSMA-17-229-01_Philips' DoseWise Portal Vulnerabilities
OVERVIEW Philips has identified Hard-coded Credentials and Cleartext Storage of Sensitive Information vulnerabilities in Philips’ DoseWise Portal DWP web application. Philips has updated product documentation and produced a new version that mitigates these vulnerabilities. These vulnerabilities...