CVE-2017-9654 in DoseWise Portal
Summary
by MITRE
The Philips DoseWise Portal web-based application versions 1.1.7.333 and 2.1.1.3069 stores login credentials in clear text within backend system files. CVSS v3 base score: 6.5, CVSS vector string: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N.
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
Analysis
by VulDB Data Team • 01/31/2020
The Philips DoseWise Portal represents a critical web-based medical application designed for radiation dose management in healthcare environments. This system serves as a centralized platform for storing and analyzing patient radiation exposure data, making it a prime target for cyber adversaries seeking access to sensitive medical information. The vulnerability resides within the application's backend infrastructure where authentication credentials are persistently stored in an unencrypted format, creating a fundamental security weakness that directly impacts the confidentiality of the system. The affected versions 1.1.7.333 and 2.1.1.3069 demonstrate a clear failure in secure credential storage practices that violates established security principles for protecting sensitive authentication data.
The technical flaw manifests as a clear text storage vulnerability where login credentials are written to system files without any form of encryption or obfuscation. This implementation directly violates security best practices and industry standards such as those outlined in CWE-312, which specifically addresses the exposure of sensitive information through cleartext storage. The vulnerability exists at the data persistence layer where the application fails to implement proper cryptographic measures for credential protection, allowing any local user with access to the system files to read authentication information in plain text format. This design flaw creates an inherent risk where unauthorized access to the backend storage directly translates to unauthorized access to the entire system without additional authentication barriers.
The operational impact of this vulnerability extends beyond simple credential theft to encompass broader security implications for healthcare environments. With a CVSS base score of 6.5, the vulnerability presents a moderate to high risk of exploitation, particularly in environments where physical access to backend systems may be possible. The confidentiality impact rating of high indicates that adversaries who gain access to these cleartext credentials can immediately establish unauthorized access to patient data and medical records, potentially leading to privacy violations and compliance breaches under healthcare regulations such as HIPAA. The vulnerability affects the entire system since these credentials likely provide access to administrative functions and sensitive patient information within the radiation dose management system.
Security mitigations for this vulnerability should focus on implementing proper credential storage mechanisms including cryptographic hashing with salt for password storage and encryption of sensitive data at rest. Organizations should immediately implement patch management procedures to upgrade to versions that address this clear text storage issue, while also conducting comprehensive security assessments of backend systems to identify other potential cleartext storage vulnerabilities. The remediation process must include proper configuration management to ensure that no sensitive information is stored in unencrypted formats and that access controls are properly implemented to limit who can access these system files. Additionally, security monitoring should be enhanced to detect unauthorized access attempts to backend storage locations and to track any potential credential compromise events that may result from this vulnerability. This remediation aligns with ATT&CK technique T1566 which focuses on credential access through unauthorized access to system files and T1078 which addresses valid accounts and legitimate credentials as attack vectors.