Denial-of-Service Vulnerability in Sante PACS Server by Sante
CVE-2025-2284

7.5HIGH

Key Information:

Vendor: Santesoft
Status: Sante Pacs Server
Vendor: CVE Published:; 13 March 2025

What is CVE-2025-2284?

A denial-of-service vulnerability exists in the 'GetWebLoginCredentials' function of Sante PACS Server.exe. This flaw may allow an attacker to exploit the affected application, potentially leading to service interruptions and system unavailability. It is crucial for users of Sante PACS Server to review their security measures and apply necessary updates to mitigate risks associated with this vulnerability.

Affected Version(s)

Sante PACS Server 4.1.0

Sante PACS Server 4.2.0

References

https://www.tenable.com/security/research/tra-2025-08

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 13, 2025
Vulnerability Reserved
Mar 13, 2025

Santesoft

What is CVE-2025-2284?

Affected Version(s)

References

CVSS V3.1

Timeline