CRITICAL🇵🇱 Wersja polska

CVE-2020-14487

CVSS 9.4v3.1pub. 2020-07-29upd. 2024-11-21

OpenClinic GA 5.09.02 contains a hidden default user account that may be accessed if an administrator has not expressly turned off this account, which may allow an attacker to login and execute arbitrary commands.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
  • Freemedsoftware Openclinic Ga

    APP
    Freemedsoftware
    5.09.02
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2020-14488HIGH8.8ten sam produkt

OpenClinic GA 5.09.02 and 5.89.05b does not properly verify uploaded files, which may allow a low-privilege us...