11 results (0.003 seconds)

CVSS: 8.4EPSS: 0%CPEs: 1EXPL: 0

Philips Vue PACS uses default credentials for potentially critical functionality. Philips Vue PACS utiliza credenciales predeterminadas para funciones potencialmente críticas. • http://www.philips.com/productsecurity https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01 • CWE-1392: Use of Default Credentials •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0

Philips Vue PACS does not require that users have strong passwords, which could make it easier for attackers to compromise user accounts. Philips Vue PACS no requiere que los usuarios tengan contraseñas seguras, lo que podría facilitar que los atacantes comprometan las cuentas de los usuarios. • http://www.philips.com/productsecurity https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01 • CWE-521: Weak Password Requirements •

CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 0

Philips Vue PACS does not properly assign, modify, track, or check actor privileges, creating an unintended sphere of control for that actor. Philips Vue PACS no asigna, modifica, rastrea ni verifica adecuadamente los privilegios de los actores, lo que crea una esfera de control no deseada para ese actor. • http://www.philips.com/productsecurity https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01 • CWE-269: Improper Privilege Management •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

A validated user not explicitly authorized to have access to certain sensitive information could access Philips Vue PACS on the same network to expose that information. Un usuario validado que no esté autorizado explícitamente para tener acceso a cierta información confidencial podría acceder a Philips Vue PACS en la misma red para exponer esa información. • http://www.philips.com/productsecurity https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-200-01 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0

The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and prior is an unnecessary risk that may result in the exposure of sensitive information. El uso de un algoritmo criptográfico roto o arriesgado en Philips Vue PACS versiones 12.2.x.x y anteriores, es un riesgo innecesario que puede resultar en una exposición de información confidencial • http://www.philips.com/productsecurity https://www.cisa.gov/uscert/ics/advisories/icsma-21-187-01 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •