CVE-2017-9654

Summary

The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Affected Software

VendorProductVersion RangeStatus
PhilipsDoseWise Portal1.1.7.333affected
PhilipsDoseWise Portal2.1.1.3069affected

Weaknesses

  • CWE-312: Cleartext storage of sensitive information CWE-312

ADP Enrichment

CVE Program Container

Additional References

References