CVE-2025-0896 Information

Description

Orthanc server prior to version 1.5.8 does not enable basic authentication by default when remote access is enabled. This could result in unauthorized access by an attacker.

Reference

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-037-02