CVE-2018-17906

HIGH

Philips iSite & IntelliSpace PACS - Info Disclosure

Title source: llm

Description

Philips iSite and IntelliSpace PACS, iSite PACS, all versions, and IntelliSpace PACS, all versions. Default credentials and no authentication within third party software may allow an attacker to compromise a component of the system.

References (2)

[Third Party Advisory, US Government Resource] https://ics-cert.us-cert.gov/advisories/ICSMA-18-312-01

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/105875

Scores

CVSS v3 8.8

EPSS 0.0043

EPSS Percentile 62.6%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-521 CWE-306 CWE-1188

Status published

Products (2)

philips/intellispace_pacs

philips/isite_pacs

Published Nov 19, 2018

Tracked Since Feb 18, 2026