CVE-2015-4594
CVE-2015-4594 affects eClinicalWorks Population Health CCMR Client Portal. The root cause is a missing new session ID upon user authentication, enabling session fixation by reusing an existing session ID. The vulnerability implies potential compromise of active sessions (high/critical impact per ...