CVE-2023-39227

Summary

​Softneta MedDream PACS stores usernames and passwords in plaintext. The plaintext storage could be abused by attackers to leak legitimate user’s credentials.

Affected Software

VendorProductVersion RangeStatus
SoftnetaMedDream PACS0 <= v7.2.8.810affected

Weaknesses

  • CWE-256: CWE-256 ​Plaintext Storage of a Password

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References