Lucene search
IcscertVULNRICHMENT:CVE-2023-39227HistorySep 11, 2023 - 7:08 p.m.
CVE-2023-39227 Softneta MedDream PACS Plaintext Storage of a Password
2023-09-1119:08:08
CWE-256
icscert
github.com
cve-2023-39227
softneta meddream pacs
plaintext storage
password
attackers
user credentials
CVSS3
6.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
AI Score
6.8
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could be abused by attackers to leak legitimate user’s credentials.
Related
cve
cve
CVE-2023-39227
2023-09-11 20:15:09
nvd
nvd
CVE-2023-39227
2023-09-11 20:15:09
prion
prion
Command injection
2023-09-11 20:15:00
cvelist
cvelist
CVE-2023-39227 Softneta MedDream PACS Plaintext Storage of a Password
2023-09-11 19:08:08
ics
ics
Softneta MedDream PACS
2023-09-05 12:00:00
CVSS3
6.1
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
AI Score
6.8
Confidence
Low
SSVC
Exploitation
none
Automatable
no
Technical Impact
partial
Related for VULNRICHMENT:CVE-2023-39227