PT-2022-17928 · Unknown · Hospital Management System

Published

2022-03-31

Updated

2022-05-12

CVE-2022-26546

CVSS v3.1

9.1

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Hospital Management System version 1.0

Description The issue concerns a lack of an authorization component, allowing attackers to access sensitive information and obtain the admin password.

Recommendations For Hospital Management System version 1.0, consider implementing an authorization component to restrict access to sensitive information and protect the admin password. As a temporary workaround, restrict access to sensitive areas of the system until a proper authorization mechanism is in place.

Exploit

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-862

Related Identifiers

CVE-2022-26546

Affected Products

Hospital Management System

PT-2022-17928 · Unknown · Hospital Management System

CVE-2022-26546

Weakness Enumeration

Related Identifiers

Affected Products

References · 6