Platform: other
Component: sante-pacs-server
Fixed in: 3.3.4
CVE-2024-1863 is a critical SQL Injection vulnerability affecting Sante PACS Server versions 3.3.3–3.3.3. This flaw allows remote attackers to execute arbitrary code, potentially leading to complete system compromise. The vulnerability stems from improper input validation when processing the token parameter in HTTP requests on port 3000. A patch is available to address this issue.
The impact of CVE-2024-1863 is severe. Successful exploitation allows an attacker to inject malicious SQL code, which is then executed by the Sante PACS Server with NETWORK SERVICE privileges. This can lead to unauthorized access to sensitive patient data, modification of medical records, and even complete control over the server. Given the lack of authentication required, the attack surface is broad, and exploitation is relatively straightforward. The potential for data breaches and disruption of healthcare services is significant. This vulnerability shares characteristics with other SQL injection flaws where attackers can bypass authentication and gain elevated privileges.
CVE-2024-1863 was disclosed on April 1, 2024. It is currently tracked on the NVD. While no active exploitation campaigns have been publicly confirmed, the lack of authentication and the ease of exploitation make it a high-priority vulnerability. The EPSS score is likely to be assessed as high due to the critical CVSS score and the potential for widespread impact. Public proof-of-concept exploits are anticipated given the vulnerability's nature.
Exploit Status
EPSS: 6.13% (91st percentile)
CVSS Vector
The primary mitigation for CVE-2024-1863 is to upgrade Sante PACS Server to a patched version as soon as possible. If upgrading immediately is not feasible, consider implementing temporary workarounds. These may include restricting network access to the token endpoint (port 3000) to trusted sources only. Web Application Firewalls (WAFs) can be configured to detect and block SQL injection attempts targeting the token parameter. Thoroughly review and validate all user inputs within the application to prevent future injection vulnerabilities. After upgrading, confirm the vulnerability is resolved by attempting a SQL injection attack on the token endpoint and verifying that it is properly sanitized.
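The input-validation and WAF advice above comes down to two controls: never splice the token value into SQL text, and reject token values whose shape is wrong before they reach the database. The following Python is an added illustration of both controls and is not Sante PACS Server code; the session table, the hex token format and the lookup functions are assumptions made for the example, and the in-memory SQLite database is constructed here so it runs offline.

```python
import re
import sqlite3
from urllib.parse import parse_qs

# Constructed stand-in for the server's session store. The table and column
# names are assumptions for this example, not the product's real schema.
def make_demo_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE sessions (token TEXT PRIMARY KEY, username TEXT)")
    conn.execute("INSERT INTO sessions VALUES ('a3f9c2e1b7d04c6e', 'radiologist1')")
    conn.commit()
    return conn

# Allowlist for the token value. The exact format (16-64 lowercase hex
# characters) is an assumption; use whatever the real issuer emits.
TOKEN_RE = re.compile(r"[0-9a-f]{16,64}")

def is_valid_token(token: str) -> bool:
    return TOKEN_RE.fullmatch(token) is not None

# Vulnerable pattern (the kind of code the advisory describes): the token is
# spliced into the SQL text, so quotes or keywords inside it become SQL.
def lookup_user_unsafe(conn: sqlite3.Connection, token: str):
    sql = f"SELECT username FROM sessions WHERE token = '{token}'"
    row = conn.execute(sql).fetchone()
    return row[0] if row else None

# Hardened pattern: check the shape first, then bind the value as a query
# parameter so the database engine treats it strictly as data.
def lookup_user_safe(conn: sqlite3.Connection, token: str):
    if not is_valid_token(token):
        return None
    row = conn.execute(
        "SELECT username FROM sessions WHERE token = ?", (token,)
    ).fetchone()
    return row[0] if row else None

# Edge check in the spirit of the WAF rule: given the raw query string of a
# request to the token endpoint, block it if any token value fails the allowlist.
def should_block(query_string: str) -> bool:
    params = parse_qs(query_string, keep_blank_values=True)
    return any(not is_valid_token(t) for t in params.get("token", []))

if __name__ == "__main__":
    db = make_demo_db()
    print("valid token  ->", lookup_user_safe(db, "a3f9c2e1b7d04c6e"))
    print("malformed    ->", lookup_user_safe(db, "' OR '1'='1"))
    print("block?       ->", should_block("token=%27%20OR%20%271%27%3D%271"))
```

The unsafe function is kept only to make the contrast concrete: the same quote-bearing input that changes the meaning of the concatenated query is rejected by the allowlist before it is ever bound, and even without the allowlist a bound parameter cannot alter the statement. The `should_block` check is the same rule expressed at the network edge, where the advisory suggests a WAF.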
Update Sante PACS Server to a version later than 3.3.3 that fixes the SQL injection vulnerability. Consult the vendor's website for the latest version and upgrade instructions.
CVE-2024-1863 is a critical SQL Injection vulnerability in Sante PACS Server versions 3.3.3–3.3.3, allowing attackers to execute arbitrary code.
If you are running Sante PACS Server version 3.3.3–3.3.3, you are affected by this vulnerability and must upgrade immediately.
Upgrade to a patched version of Sante PACS Server. Until then, restrict network access and consider WAF rules.
While no active exploitation campaigns have been publicly confirmed, the vulnerability's ease of exploitation makes it a high-priority risk.
Refer to the Sante PACS Server website and security advisories for the latest information and patch details.