Lucene search
China National Vulnerability DatabaseCNVD-2023-40910HistoryMay 17, 2023 - 12:00 a.m.
OpenEMR Access Control Error Vulnerability (CNVD-2023-40910)
2023-05-1700:00:00
China National Vulnerability Database
www.cnvd.org.cn
6
openemr
access control
vulnerability
medical management
electronic medical records
prescription writing
medical billing
front-end user
pharmacy
application access control
EPSS
0.004
Percentile
73.7%
OpenEMR is an open source medical management system from the OpenEMR community. The system can be used for medical practice management, electronic medical records, prescription writing and medical billing requests. An Access Control Error vulnerability exists in OpenEMR versions prior to 7.0.1, which stems from improper application access control. An attacker could exploit the vulnerability to allow a front-end user to add any pharmacy, which could break the logic of the application.
Related
prion
prion
Improper access control
2023-05-12 08:15:00
nvd
nvd
CVE-2023-2674
2023-05-12 08:15:09
cve
cve
CVE-2023-2674
2023-05-12 08:15:09
osv
osv
CVE-2023-2674
2023-05-12 08:15:09
huntr
huntr
Broken Access Controls in Pratice settings
2022-12-26 09:07:33
cvelist
cvelist
CVE-2023-2674 Improper Access Control in openemr/openemr
2023-05-12 00:00:00
openvas
openvas
OpenEMR < 7.0.1 Multiple Vulnerabilities
2023-05-10 00:00:00