CVE-2018-15719

Name of the Vulnerable Software and Affected Versions Open Dental versions prior to 18.4

Description The issue allows unauthorized access to database information due to the use of default credentials. Specifically, the mysql database is installed with the default credentials of root and a blank password, potentially exposing all database information to anyone on the network with access to the server.

Recommendations For versions prior to 18.4, update to version 18.4 or later to resolve the issue. As a temporary workaround, consider changing the default database credentials to secure ones, restricting access to the database server, and limiting network access to the server to minimize the risk of exploitation.