CVE-2013-6945

Name of the Vulnerable Software and Affected Versions OSEHRA VistA versions prior to September 30, 2013

Description The issue allows attackers to bypass authentication and authorization, enabling them to perform actions restricted to doctors and access or modify patient records. This is due to a logic flaw, although the specific vectors related to this flaw are not specified.

Recommendations For OSEHRA VistA versions prior to September 30, 2013, update to a version released after September 30, 2013, to resolve the issue. As a temporary workaround, consider restricting access to sensitive patient records and doctor-only actions until the update can be applied.