22 matches found
CVE-2022-37710
Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: 1 keybackup.data License Encryption Key or 2 Eaglesoft.Server.Configuration.data DbEncryptKeyPrimary Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or...
CVE-2022-37710
Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: 1 keybackup.data License Encryption Key or 2 Eaglesoft.Server.Configuration.data DbEncryptKeyPrimary Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or...
CVE-2022-37710
Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: 1 keybackup.data License Encryption Key or 2 Eaglesoft.Server.Configuration.data DbEncryptKeyPrimary Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or...
Hardcoded credentials
Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: 1 keybackup.data License Encryption Key or 2 Eaglesoft.Server.Configuration.data DbEncryptKeyPrimary Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or...
Eaglesoft 信任管理问题漏洞
Eaglesoft is a software application. A security vulnerability exists in Eaglesoft version 21 that stems from the presence of two methods of cracking the Get Key file...
CVE-2022-37710
Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: 1 keybackup.data License Encryption Key or 2 Eaglesoft.Server.Configuration.data DbEncryptKeyPrimary Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or...
PT-2022-24046 · Patterson Dental · Patterson Dental Eaglesoft
Name of the Vulnerable Software and Affected Versions: Patterson Dental Eaglesoft version 21 Description: The issue concerns the encryption mechanism in Patterson Dental Eaglesoft. Although it uses AES-256 encryption, there are two methods to obtain the keyfile, which are through keybackup.data...
CVE-2022-37710
Patterson Dental Eaglesoft 21 uses AES-256, but the keyfile and salt are hardcoded into a DLL/EXE. Two access paths to the keyfile exist: keybackup.data > License > Encryption Key and Eaglesoft.Server.Configuration.data > DbEncryptKeyPrimary > Encryption Key, enabling local attackers ...
CVE-2022-37710
Patterson Dental Eaglesoft 21 has AES-256 encryption but there are two ways to obtain a keyfile: 1 keybackup.data License Encryption Key or 2 Eaglesoft.Server.Configuration.data DbEncryptKeyPrimary Encryption Key. Applicable files are encrypted with keys and salt that are hardcoded into a DLL or...
CVE-2021-35193
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations that have the same software version. This provides remote access to SQL database credentials. In the normal use of the product, retrieving those...
CVE-2021-35193
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations that have the same software version. This provides remote access to SQL database credentials. In the normal use of the product, retrieving those...
Default credentials
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations that have the same software version. This provides remote access to SQL database credentials. In the normal use of the product, retrieving those...
CVE-2021-35193
Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations that have the same software version. This provides remote access to SQL database credentials. In the normal use of the product, retrieving those...
CVE-2021-35193
CVE-2021-35193 affects Patterson Eaglesoft 18–21 via the Patterson Application Service. The vulnerability arises because the service accepts the same certificate authentication across different customer installations with the same software version, enabling remote access to SQL database credentia...
Eaglesoft 信任管理问题漏洞
Eaglesoft is a software application.Eaglesoft is dental software that we call PMS or Practice Management Software. It contains charting information, insurance, patient information, scheduling, scanned documents, and in some cases X-rays if the office is licensed for imaging. Patterson Eaglesoft A...
CVE-2016-2343
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote attackers to obtain sensitive Dental.DB patient information via SQL statements...
CVE-2016-2343
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote attackers to obtain sensitive Dental.DB patient information via SQL statements...
Hardcoded credentials
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote attackers to obtain sensitive Dental.DB patient information via SQL statements...
CVE-2016-2343
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote attackers to obtain sensitive Dental.DB patient information via SQL statements...
CVE-2016-2343
The CVE-2016-2343 in Patterson Dental Eaglesoft 17 involves a hard-coded database password (sql) used by the dba account, enabling a remote attacker with network access to obtain sensitive patient data from the Dental.DB via SQL statements. Affected component is the Eaglesoft database backend; ro...