CVE-2023-40150
published 2023-09-11CVE-2023-40150: Softneta MedDream PACS does not perform an authentication check and performs some dangerous functionality, which could result in unauthenticated remote code…
PriorityP267critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.01%
58.7th percentile
Softneta MedDream PACS does not perform an authentication check and performs some dangerous functionality, which could result in unauthenticated remote code execution.0
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| softneta | meddream_pacs | <= 7.2.8.810 | — |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
vendor_oracle7.5MEDIUM
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-q7vg-5vwj-j32j: ?The affected product does not perform an authentication check and performs some dangerous functionality, which could result in unauthenticated remote
ghsa_unreviewed·2023-09-11
CVE-2023-40150 [CRITICAL] CWE-749 GHSA-q7vg-5vwj-j32j: ?The affected product does not perform an authentication check and performs some dangerous functionality, which could result in unauthenticated remote
?The affected product does not perform an authentication check and performs some dangerous functionality, which could result in unauthenticated remote code execution.0
Oracle
Oracle Oracle Siebel CRM Risk Matrix: EAI (Jettison) — CVE-2022-40150
vendor_oracle·2023-07-15·CVSS 7.5
CVE-2022-40150 [MEDIUM] Oracle Oracle Siebel CRM Risk Matrix: EAI (Jettison) — CVE-2022-40150
Oracle Oracle Siebel CRM Risk Matrix: EAI (Jettison) vulnerability
CVE: CVE-2022-40150
CVSS: 7.5
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpujul2023 (JUL 2023)
Oracle
Oracle Oracle Communications Applications Risk Matrix: Webservices Manager (Jettison) — CVE-2022-40150
vendor_oracle·2023-01-15·CVSS 7.5
CVE-2022-40150 [MEDIUM] Oracle Oracle Communications Applications Risk Matrix: Webservices Manager (Jettison) — CVE-2022-40150
Oracle Oracle Communications Applications Risk Matrix: Webservices Manager (Jettison) vulnerability
CVE: CVE-2022-40150
CVSS: 7.5
Protocol: HTTP
Remote exploit: Yes
Affected versions: Network
Advisory: cpujan2023 (JAN 2023)
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-09-11
Published