CVE-2023-51637

CRITICAL 9.8

Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability

CVSS Score

9.8

EPSS Score

0.0%

EPSS Percentile

0th

Sante PACS Server PG Patient Query SQL Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sante PACS Server PG. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the DICOM service, which listens on TCP port 11122 by default. When parsing the NAME element of the PATIENT record, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to execute code in the context of NETWORK SERVICE. Was ZDI-CAN-21579.

CWE	CWE-89
Vendor	sante
Product	pacs server pg
Published	May 22, 2024
Last Updated	Aug 8, 2024

Stay Ahead of the Next One

Get instant alerts for sante pacs server pg

Be the first to know when new critical vulnerabilities affecting sante pacs server pg are published — delivered to Slack, Telegram or Discord.

Get Free Alerts → Free · No credit card · 60 sec setup

CVSS v3 Breakdown

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected Versions

Sante / PACS Server PG

3.3.3

References

NVD ↗ CVE.org ↗ EPSS Data ↗

zerodayinitiative.com: https://www.zerodayinitiative.com/advisories/ZDI-24-468/