CRITICAL🇬🇧 English

CVE-2020-14487

CVSS 9.4v3.1pub. 2020-07-29upd. 2024-11-21

OpenClinic GA 5.09.02 contains a hidden default user account that may be accessed if an administrator has not expressly turned off this account, which may allow an attacker to login and execute arbitrary commands.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  • Freemedsoftware Openclinic Ga

    APP
    Freemedsoftware
    5.09.02
🔵
ZWERYFIKUJ U PRODUCENTA
Brak jednoznacznych danych o patchu. Sprawdź referencje od producenta.
CWE
Referencje

Powiązane podatności

CVE-2020-14488HIGH8.8ten sam produkt

OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded files, which may allow a low-privilege us...