Hardcoded Password Vulnerability in OsiriX DICOM Listener

Hardcoded Password Vulnerability in OsiriX DICOM Listener

CVE-2013-4425 · LOW Severity

AV:L/AC:M/AU:N/C:P/I:N/A:N

The DICOM listener in OsiriX before 5.8 and before 2.5-MD, when starting up, encrypts the TLS private key file using "SuperSecretPassword" as the hardcoded password, which allows local users to obtain the private key.

Learn more about our User Device Pen Test.