Mckesson Security Vulnerabilities

CVE-2001-1546

Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to gain privileges by recovering the passwords from the pwhc.ini file.

CVE-2017-16776

Security researchers discovered an authentication bypass vulnerability in version 2.0.2 of the Conserus Workflow Intelligence application by McKesson Medical Imaging Company, which is now a Change Healthcare company. The attacker must send a malicious HTTP GET request to exploit the vulnerability. ...

CVE-2018-18630

A vulnerability was found in McKesson Cardiology product 13.x and 14.x. Insecure file permissions in the default installation may allow an attacker with local system access to execute unauthorized arbitrary code.