Orthanc Server Missing Authentication Vulnerability Allowing Unauthorized Access

Vulnerability

Orthanc Server versions prior to 1.5.8 do not enable HTTP basic authentication by default when remote access is allowed, that is, when `RemoteAccessAllowed` is set to true in the configuration file while `AuthenticationEnabled` is left unset. An instance deployed this way exposes its REST API and web interface to anyone who can reach the HTTP port, with no credentials required.

Impact

An unauthenticated attacker with network access to the HTTP port can use the Orthanc REST API freely: read the stored DICOM studies (patient imaging data and their metadata), modify or delete records, or cause a denial-of-service condition on the server.

Remediation

Users are advised to update to the latest version of Orthanc Server, or to enable HTTP authentication by setting 'AuthenticationEnabled' to true in the configuration file and defining credentials under 'RegisteredUsers'. Because HTTP basic authentication sends credentials in cleartext, the HTTP port should additionally be served over TLS (Orthanc's 'SslEnabled' option) or placed behind a TLS-terminating reverse proxy. CISA recommends minimizing network exposure for control system devices, locating them behind firewalls, and using secure remote access methods such as VPNs.
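As an added example (not code from the Orthanc project or from this advisory), the script below audits an Orthanc configuration file for the exposure described above: remote access allowed without authentication in effect. It uses Orthanc's documented configuration keys (RemoteAccessAllowed, AuthenticationEnabled, RegisteredUsers) and takes the 1.5.8 threshold and the pre-1.5.8 default from the advisory text. The two embedded configurations are constructed samples, one weak and one hardened as in the Remediation section; the comment-stripping loader is a simplification (it does not handle comment markers inside string values) and the user name and password are placeholders.

```python
"""Audit an Orthanc configuration for the weak setting in this advisory:
remote access allowed without HTTP authentication.

Added example, not Orthanc's own code. RemoteAccessAllowed, AuthenticationEnabled
and RegisteredUsers are Orthanc's documented configuration keys; the version
threshold (1.5.8) and the pre-1.5.8 default (authentication off unless set)
come from the advisory. Both sample configurations below are constructed.
"""
import json
import re

FIXED_VERSION = (1, 5, 8)

# Constructed sample: a pre-1.5.8 deployment that opened the HTTP port to the
# network but never set AuthenticationEnabled. Orthanc's shipped configuration
# files carry // comments, so the loader strips them before parsing.
WEAK_CONFIG = """
{
  // Accept HTTP clients from other hosts, not just this machine
  "RemoteAccessAllowed" : true,
  "HttpPort" : 8042
}
"""

# Constructed sample: the corrected configuration from the Remediation section
# (placeholder credential; use a real secret in a deployment).
HARDENED_CONFIG = """
{
  "RemoteAccessAllowed" : true,
  "HttpPort" : 8042,
  "AuthenticationEnabled" : true,
  "RegisteredUsers" : {
    "pacs-admin" : "example-only-change-me"
  }
}
"""


def parse_version(text: str) -> tuple:
    """'1.5.7' -> (1, 5, 7); tolerates a trailing suffix such as '1.5.7-beta'."""
    core = text.split("-", 1)[0]
    return tuple(int(part) for part in core.split("."))


def load_orthanc_json(text: str) -> dict:
    """Parse an Orthanc configuration, dropping // and /* */ comments.
    Simplification (assumption): comment markers inside string values are
    not handled."""
    without_block = re.sub(r"/\*.*?\*/", "", text, flags=re.S)
    without_line = re.sub(r"//[^\n]*", "", without_block)
    return json.loads(without_line)


def audit(config: dict, version: tuple) -> list:
    """Return a list of findings; an empty list means the exposure is closed."""
    findings = []
    if not config.get("RemoteAccessAllowed", False):
        # Default: only local clients are accepted, so the missing-authentication
        # default cannot be reached from the network.
        return findings

    auth = config.get("AuthenticationEnabled")  # None when the key is absent
    if auth is False:
        findings.append("RemoteAccessAllowed is true and AuthenticationEnabled "
                        "is explicitly false: the REST API is reachable from the "
                        "network without credentials")
    elif auth is None and version < FIXED_VERSION:
        findings.append("RemoteAccessAllowed is true and AuthenticationEnabled is "
                        "unset: versions before 1.5.8 default to no authentication")

    # Authentication is in effect when set to true, or when unset on a fixed build.
    auth_effective = auth is True or (auth is None and version >= FIXED_VERSION)
    if auth_effective and not config.get("RegisteredUsers"):
        findings.append("AuthenticationEnabled is in effect but RegisteredUsers is "
                        "empty: add at least one credential and re-test the login")
    return findings


def audit_text(text: str, version: str) -> list:
    """Convenience wrapper: raw configuration text plus a version string."""
    return audit(load_orthanc_json(text), parse_version(version))


if __name__ == "__main__":
    for label, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        for v in ("1.5.7", "1.5.8"):
            print(label, v, audit_text(cfg, v) or "no findings")
```

Run against the real orthanc.json and the version reported by the server's /system endpoint; the weak sample produces a finding on 1.5.7, while the hardened sample is clean on every version because it no longer depends on the default.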

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 2.6
impact: 5.0
exploitability: 7.0
remediation: 8.3
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.