CVE-2024-1228

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Eurosoft Przychodnia versions prior to 20240417.001

Description The issue is related to the use of a hard-coded password for the patients' database, allowing an attacker to retrieve sensitive data. This password is uniform across all Eurosoft Przychodnia installations.

Recommendations For versions prior to 20240417.001, update to version 20240417.001 or later to resolve the issue. As a temporary workaround, consider restricting access to the patients' database until the update can be applied.

Fix

Using Hardcoded Credentials

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-259CWE-798

Related Identifiers

CVE-2024-1228

Affected Products

Eurosoft Przychodnia

CVE-2024-1228

Weakness Enumeration

Related Identifiers

Affected Products

References · 16