Required CVE Record Information
Description
A hardcoded credential vulnerability exists in IBM Merge Healthcare eFilm Workstation. A remote, unauthenticated attacker can exploit this vulnerability to achieve information disclosure or remote code execution.
CVSS 2 Total
| Score | Severity | Version | Vector String |
|---|---|---|---|
| 9.8 | CRITICAL | 3.1 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| 10.0 | — | 2.0 | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Credits
- Exodus Intelligence finder
References 1 Total
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 1 Total
- https://blog.exodusintel.com/2024/01/25/ibm-merge-healthcare-efilm-workstation-information-disclosure/ vendor-advisoryx_transferred