What is the severity of CVE-2023-40704?

CVE-2023-40704 is considered a critical vulnerability due to the use of default credentials in Philips Vue PACS.

How do I fix CVE-2023-40704?

To fix CVE-2023-40704, replace the default credentials with strong, unique passwords for all accounts within Philips Vue PACS.

Which versions of Philips Vue PACS are affected by CVE-2023-40704?

CVE-2023-40704 affects all versions of Philips Vue PACS up to and including version 12.2.8.410.

What impact does CVE-2023-40704 have on Philips Vue PACS?

CVE-2023-40704 allows unauthorized access to potentially critical functionality within Philips Vue PACS due to default credential usage.

Is there a way to check if my Philips Vue PACS is vulnerable to CVE-2023-40704?

To check for CVE-2023-40704 vulnerabilities, review the authentication settings for default credentials in your Philips Vue PACS installation.

Vulnerability/
CVE-2023-40704

critical

9.8

CWE

1392

18/7/2024

5/9/2024

CVE-2023-40704: Philips Vue PACS Use of Default Credentials

First published: Thu Jul 18 2024(Updated: )

Philips Vue PACS uses default credentials for potentially critical functionality.

Credit: ics-cert@hq.dhs.gov

Affected Software	Affected Version	How to fix
Philips Isite PACS	<12.2.8.410

Remedy

Philips recommends configuring the Vue PACS environment per 8G7607 – Vue PACS User Guide Rev G available on Incenter http://incenter.medical.philips.com/Default.aspx .For managed services customers, new releases will be made available upon resource availability. Releases are subject to country specific regulations. Users with questions regarding their specific Philips Vue PACS installations and new release eligibility should contact their local Philips Sales representative or submit a request in the Philips Informatics Support portal https://usdhs-my.sharepoint.com/personal/grayson_gaylor_associates_cisa_dhs_gov1/_layouts/15/www.informatics.support.philips.com/csm . Refer to the Philips advisory http://www.philips.com/productsecurity for more details.

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2023-40704?
CVE-2023-40704 is considered a critical vulnerability due to the use of default credentials in Philips Vue PACS.
How do I fix CVE-2023-40704?
To fix CVE-2023-40704, replace the default credentials with strong, unique passwords for all accounts within Philips Vue PACS.
Which versions of Philips Vue PACS are affected by CVE-2023-40704?
CVE-2023-40704 affects all versions of Philips Vue PACS up to and including version 12.2.8.410.
What impact does CVE-2023-40704 have on Philips Vue PACS?
CVE-2023-40704 allows unauthorized access to potentially critical functionality within Philips Vue PACS due to default credential usage.
Is there a way to check if my Philips Vue PACS is vulnerable to CVE-2023-40704?
To check for CVE-2023-40704 vulnerabilities, review the authentication settings for default credentials in your Philips Vue PACS installation.

agent/remedy
agent/weakness
agent/title
agent/type
agent/references
agent/first-publish-date
agent/description
agent/author
agent/event
collector/mitre-cve
source/MITRE
agent/severity
agent/softwarecombine
agent/last-modified-date
agent/source
agent/tags
collector/nvd-api
source/NVD
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/philips
canonical/philips isite pacs

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.