The product does not require unique and complex passwords to be created during installation. Using Philips's default password could jeopardize the PACS system if the password was hacked or leaked. An attacker could gain access to the database impacting system availability and data integrity.
CVSS:4.0/AV:L/AC:H/AT:N/PR:H/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:XPhilips Vue Pacs
APPPhilips< 12.2.8.410
Related vulnerabilities
Philips Vue PACS versions 12.2.x.x and prior uses a cryptographic key or password past its expiration date, wh...
Philips Vue PACS versions 12.2.x.x and prior transmits sensitive or security-critical data in cleartext in a c...
Philips Vue PACS versions 12.2.x.x and prior does not follow certain coding rules for development, which can l...
The use of a broken or risky cryptographic algorithm in Philips Vue PACS versions 12.2.x.x and prior is an unn...
In Philips (formerly Carestream) Vue MyVue PACS through 12.2.x.x, the VideoStream function allows Path Travers...