CVE-2023-43208

Name of the Vulnerable Software and Affected Versions NextGen Healthcare Mirth Connect versions prior to 4.4.1

Description The issue is related to an incomplete patch for a previous vulnerability, leading to unauthenticated remote code execution. This vulnerability is caused by insufficient access control in the Mirth Connect web server, allowing an attacker to execute arbitrary code remotely. The vulnerability is related to insecure usage of the Java XStream library for unmarshalling XML payloads. It has been reported that this vulnerability is being actively exploited, and it poses a significant risk to healthcare companies using the Mirth Connect platform.

Recommendations Update to version 4.4.1 or later to prevent unauthorized access. As a temporary workaround, consider restricting access to the Mirth Connect administrator interface until a patch is applied.