CVE-2014-0348

Name of the Vulnerable Software and Affected Versions Artiva Workstation versions 1.3.x through 1.3.8 Artiva Rm version 3.1 MR7 Artiva Healthcare version 5.2 MR5 Artiva Architect version 3.2 MR5

Description The issue allows remote attackers to login to arbitrary domain accounts by using the corresponding username on a Windows client machine when the domain-name option is enabled in the Single Sign-On (SSO) implementation.

Recommendations For Artiva Workstation versions 1.3.x through 1.3.8, update to version 1.3.9 or later. For Artiva Rm version 3.1 MR7, consider disabling the SSO implementation until a patch is available. For Artiva Healthcare version 5.2 MR5, restrict access to the SSO feature to minimize the risk of exploitation. For Artiva Architect version 3.2 MR5, avoid using the domain-name option in the SSO configuration until the issue is resolved.