INFINITT PACS System Manager Unauthorized Access Vulnerability

A vulnerability exists in INFINITT PACS System Manager versions 3.0.11.5 BN9 and prior, allowing unauthorized users to access the system without proper authorization. This could lead to unauthorized access to system resources. The vulnerability is categorized as CWE-497, Exposure of Sensitive System Information to an Unauthorized Control Sphere.

Impact

Exploitation of this vulnerability could result in unauthorized access to system resources, potentially leading to information disclosure or unauthorized manipulation of system data.

Remediation

Users are advised to update to the latest version of INFINITT PACS System Manager (3.0.11.5 BN10 or later), which includes security patches addressing this vulnerability. For customers using INFINITT ULite integrated with INFINITT PACS, patching is required to secure the PACS environment. Additional support can be obtained by contacting the INFINITT Security Team at cybersecurity@infinitt.com.