PT-2017-10934 · Openemr · Openemr
Yann Chalenã§On
·
Publicado
2017-11-17
·
Atualizado
2019-10-03
·
CVE-2017-1000241
CVSS v3.1
8.1
Alta
| Vetor | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
OpenEMR versions prior to 5.0.1-dev
Description
The issue allows authenticated non-administrator users to view and modify information that is only accessible to administrators, due to a vertical privilege escalation.
Recommendations
For OpenEMR versions prior to 5.0.1-dev, update to a version that contains a fix for this issue to prevent unauthorized access and modification of sensitive information.
Correção
Improper Privilege Management
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Openemr