CVE-2023-40150: Softneta MedDream PACS Exposed Dangerous Method or Function
Published Sep 11, 2023
·Updated
?The affected product does not perform an authentication check and performs some dangerous functionality, which could result in unauthenticated remote code execution.0
Affected Software
1 affected component
Softneta MedDream PACS<=7.2.8.810
Remediation
Information
Softneta recommends users update to v7.2.9.820 https://www.softneta.com/files/meddreampacs/premium/230530/MedDream-PACS-Premium-7.2.9.820.exe of MedDream PACS Server or patch their current system using Fix-v230712 https://www.softneta.com/files/meddreampacs/premium/Fix-v230712.zip .
For assistance or additional information about installing the software, please contact Softneta https://www.softneta.com/contacts/ directly.
Event History
Sep 11, 2023
CVE Published
via MITRE·07:05 PM
Data Sourced
via MITRE·07:05 PM
RemedyDescriptionSeverityWeakness
Frequently Asked Questions
1
What is the vulnerability ID of this vulnerability?
The vulnerability ID is CVE-2023-40150.
2
What is the severity of CVE-2023-40150?
The severity of CVE-2023-40150 is critical with a score of 9.8.
3
What is the affected software?
The affected software is Softneta MedDream PACS version up to and including 7.2.8.810.
4
What is the risk of CVE-2023-40150?
CVE-2023-40150 poses a risk of unauthenticated remote code execution.
5
Is there a fix available for CVE-2023-40150?
It is recommended to update to a version of Softneta MedDream PACS that is not affected by this vulnerability.