PT-2016-6975 · Open Dental · Open Dental
Justin Shafer
·
Published
2016-09-24
·
Updated
2024-08-06
·
CVE-2016-6531
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Open Dental versions 16.1 and earlier
Description
The issue concerns a hardcoded MySQL root password, which could allow remote attackers to gain administrative access by leveraging access to intranet TCP port 3306. The vendor disputes this issue, stating that the password can be changed and recommends that users do so.
Recommendations
For Open Dental versions 16.1 and earlier, change the default MySQL root password to prevent potential administrative access by remote attackers.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Open Dental