CVE-2025-0896

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Feb 13, 2025

CWE ID 306

Summary

CVE-2025-0896 refers to a vulnerability in Orthanc server versions prior to 1.5.8. This issue allows unauthorized access if remote access is enabled and basic authentication is not enabled by default. An attacker can exploit this vulnerability to gain unauthorized access to the server. It is crucial for affected organizations to update their Orthanc servers to the latest version to mitigate this risk. Failure to do so may result in data breaches or unauthorized system modifications.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Server

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/27wUc6
https://www.cve.org/CVERecord?id=CVE-2025-0896
https://nvd.nist.gov/vuln/detail/CVE-2025-0896

Back to Vulnerability Database

CVE-2025-0896

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Affected Products

Advisories, Assessments, and Mitigations