CVE-2017-11743

Name of the Vulnerable Software and Affected Versions MEDHOST Connex (affected versions not specified)

Description The issue concerns a hard-coded Mirth Connect admin credential in MEDHOST Connex, which could allow an attacker to intercept sensitive patient information if they have knowledge of the credential and direct access to the Mirth Connect management console. The admin account password is hard-coded as $K8t1ng throughout the application and is the same across all installations. Customers cannot change the Mirth Connect admin account password.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.