CVE-2022-2272 – This vulnerability allows remote attackers to bypass authentication on affected installati …

3 August 2022

Vuln ID: CVE-2022-2272

Published: 2022-08-03 16:15:08Z

Description: This vulnerability allows remote attackers to bypass authentication on affected installations of Sante PACS Server 3.0.4. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of calls to the login endpoint. When parsing the username element, the process does not properly validate a user-supplied string before using it to construct SQL queries. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-17331.

Source: NVD.NIST.GOV

Date:

3 August 2022

Categorie(s):

NVD

Tag(s):

NVD

UK IT Leaders Are Prioritizing Cybersecurity: But Is This a Good Thing?24 April 2024
If Britain is so bothered by China, why do these .gov.uk sites use Chinese ad brokers?24 April 2024
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners24 April 2024
“All for One and One for All”: The EU Cyber Solidarity Act Strengthens Digital Defenses24 April 2024
Rewards Up to $10 Million for Information on Iranian Hackers24 April 2024