3 matches found
CVE-2024-22346
Db2 for IBM i 7.2, 7.3, 7.4, and 7.5 infrastructure could allow a local user to gain elevated privileges due to an unqualified library call. A malicious actor could cause user-controlled code to run with administrator privilege. IBM X-Force ID: 280203...
CVE-2017-11614
MEDHOST Connex contains hard-coded credentials that are used for customer database access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with the database may be able to obtain or modify sensitive patient and financial information. Connex utilize...
CVE-2017-11614
CVE-2017-11614 involves MEDHOST Connex hard-coded IBM i DB2 user credentials (HMSCXPDN). The vulnerability arises because the password is embedded in multiple locations in the Connex application and cannot be changed by customers, and the account has elevated DB2 roles enabling access to all obje...