CVE-2025-0896 affects Orthanc server versions prior to 1.5.8. This vulnerability stems from the default configuration where remote access is enabled without basic authentication. An attacker can exploit this to gain unauthorized access to the Orthanc server, potentially exposing sensitive medical imaging data. The vulnerability was published on 2025-02-13 and a fix is available in version 1.5.8.
Impact and Attack Scenarios
The primary impact of CVE-2025-0896 is unauthorized access to the Orthanc server. Because Orthanc is frequently used in medical imaging environments, this could lead to the exposure of Protected Health Information (PHI) and other sensitive patient data. An attacker could potentially download entire datasets of medical images, modify existing images, or even inject malicious images into the system. The lack of authentication means that no credentials are required to access the server, significantly lowering the barrier to entry for attackers. This vulnerability presents a high risk of data breach and potential regulatory penalties.
Exploitation Context
This vulnerability is considered high-risk due to its critical CVSS score and the potential for significant data exposure. No public proof-of-concept (POC) code has been released as of the publication date, but the ease of exploitation makes it likely that attackers will develop and deploy exploits. The vulnerability was disclosed publicly on 2025-02-13. It is not currently listed on the CISA KEV catalog.
Who Is at Risk
Healthcare organizations utilizing Orthanc server for medical image storage and retrieval are at significant risk. This includes hospitals, clinics, radiology centers, and research institutions. Organizations with legacy Orthanc deployments or those that have not implemented proper security configurations are particularly vulnerable.
Detection Steps
• windows / supply-chain: Monitor network traffic for unauthorized access attempts to the Orthanc server on the default port. Use Windows Defender to scan for suspicious processes or files associated with Orthanc.
• linux / server: Use journalctl -u orthanc to monitor Orthanc logs for unusual activity. Implement auditd rules to track access attempts to the Orthanc server.
• generic web: Use curl -I <orthancserverip> to check if remote access is enabled without authentication. Examine access logs for unauthorized access attempts.
Threat Intelligence
Exploitation Status
EPSS: 0.30% (53rd percentile)
CVSS Vector
What do these metrics mean?
- Attack Vector: Network. Exploitable remotely over the internet; no physical or local access is required. Largest possible attack surface.
- Attack Complexity: Low. No special conditions are required; the vulnerability can be exploited reliably.
- Privileges Required: None. No authentication or credentials are needed to exploit it.
- User Interaction: None. The attack is automatic and silent; the victim does not need to do anything.
- Scope: Unchanged. The impact is confined to the vulnerable component itself.
- Confidentiality: High. Total loss of confidentiality; the attacker can read all data.
- Integrity: High. The attacker can write, modify or delete any data.
- Availability: High. Complete crash or resource exhaustion; full denial of service.
Mitigations and Workarounds
The primary mitigation for CVE-2025-0896 is to upgrade Orthanc server to version 1.5.8 or later. If upgrading is not immediately possible, consider temporarily disabling remote access functionality. As a secondary measure, implement a Web Application Firewall (WAF) with rules to block unauthorized access attempts to the Orthanc server. Ensure that any existing firewall rules are reviewed and updated to restrict access to only authorized IP addresses. After upgrading, confirm the fix by attempting to access the Orthanc server remotely without providing credentials; access should be denied.
Remediation
Update the Orthanc server to version 1.5.8 or later. Configure basic authentication to restrict unauthorized access. Refer to the official Orthanc documentation for detailed instructions on enabling authentication.
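The detection step above checks a live server with curl; the remediation asks for basic authentication in the configuration. The following added example (not code from this page or from the Orthanc project) audits an Orthanc Configuration.json offline for the weak combination described here, shows the hardened counterpart, and checks whether a reported version is at or past the fixed release. The key names RemoteAccessAllowed, AuthenticationEnabled and RegisteredUsers are Orthanc's own documented options; the sample configurations and account name are constructed.

```python
"""Audit an Orthanc Configuration.json for the exposure behind CVE-2025-0896
(remote access reachable without HTTP basic authentication) and check the
server version against the fixed release named in the advisory."""
import json

# Key names are Orthanc's documented configuration options; the contents of
# both samples below are constructed for this example.
WEAK_CONFIG = json.dumps({
    "Name": "pacs-constructed",
    "HttpPort": 8042,
    "RemoteAccessAllowed": True,     # REST API reachable beyond localhost...
    "AuthenticationEnabled": False,  # ...and no credentials are required
    "RegisteredUsers": {},
})

HARDENED_CONFIG = json.dumps({
    "Name": "pacs-constructed",
    "HttpPort": 8042,
    "RemoteAccessAllowed": True,
    "AuthenticationEnabled": True,
    "RegisteredUsers": {"radiologist": "<PLACEHOLDER-STRONG-PASSWORD>"},
})

FIXED_VERSION = (1, 5, 8)  # first release carrying the fix, per the advisory


def audit_orthanc_config(config_text: str) -> list[str]:
    """Return findings; an empty list means the config does not expose the
    server in the way CVE-2025-0896 describes."""
    cfg = json.loads(config_text)
    findings = []
    remote = bool(cfg.get("RemoteAccessAllowed", False))
    # Conservative assumption: a missing AuthenticationEnabled is treated as
    # disabled, which is the default the vulnerable versions shipped with.
    auth = bool(cfg.get("AuthenticationEnabled", False))
    users = cfg.get("RegisteredUsers") or {}
    if remote and not auth:
        findings.append("RemoteAccessAllowed=true with AuthenticationEnabled="
                        "false: REST API reachable without credentials")
    if remote and auth and not users:
        findings.append("AuthenticationEnabled=true but RegisteredUsers is "
                        "empty: define explicit accounts, not implicit defaults")
    return findings


def is_fixed_version(version: str) -> bool:
    """True when the reported Orthanc version is 1.5.8 or later."""
    parts = tuple(int(p) for p in version.strip().split("."))
    return parts >= FIXED_VERSION


if __name__ == "__main__":
    print("weak:", audit_orthanc_config(WEAK_CONFIG))
    print("hardened:", audit_orthanc_config(HARDENED_CONFIG))
```

Point the script at a real Configuration.json by replacing the constructed strings with the file contents; the version string can be taken from the server's own version report.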
Frequently Asked Questions
What is CVE-2025-0896 — Authentication Bypass in Orthanc Server?
CVE-2025-0896 is a critical vulnerability in Orthanc server versions 0.0 - 1.5.8 that allows unauthorized remote access due to the lack of default basic authentication when remote access is enabled.
Am I affected by CVE-2025-0896 in Orthanc Server?
You are affected if you are running Orthanc server versions 0.0 through 1.5.8 and have remote access enabled. Check your version and immediately upgrade if vulnerable.
How do I fix CVE-2025-0896 in Orthanc Server?
Upgrade Orthanc server to version 1.5.8 or later. If immediate upgrade is not possible, disable remote access until the upgrade can be performed.
Is CVE-2025-0896 being actively exploited?
While no active exploitation has been confirmed, the ease of exploitation suggests it is likely to be targeted. Monitor your systems closely.
Where can I find the official Orthanc advisory for CVE-2025-0896?
Refer to the Orthanc project's official website and security advisories for the latest information and updates regarding CVE-2025-0896.