Hardcoded Password Vulnerability in OsiriX DICOM Listener
CVE-2013-4425 · LOW Severity
AV:L/AC:M/AU:N/C:P/I:N/A:N
The DICOM listener in OsiriX before 5.8 and before 2.5-MD, when starting up, encrypts the TLS private key file using "SuperSecretPassword" as the hardcoded password, which allows local users to obtain the private key.
Learn more about our User Device Pen Test.