CVE-2017-9654

EPSS 1.1%CWE-312

The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.

Produtos afetados

Philips · DoseWise Portal

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://ics-cert.us-cert.gov/advisories/ICSMA-17-229-01 http://www.philips.com/productsecurity http://www.securityfocus.com/bid/100471