Lucene search
K
IrisStar Practice Management

5 matches found

CVE
CVE
added 2021/01/29 6:9 a.m.74 views

CVE-2020-28404

CVE-2020-28404 affects Star Practice Management Web (version 2019.2.0.6). The connected documents describe an improper authorization vulnerability that allows an unauthorized user to access the Billing page without the appropriate privileges, indicating an access-control error in the web applicat...

6.5CVSS6.3AI score0.01342EPSS
CVE
CVE
added 2021/01/29 6:11 a.m.70 views

CVE-2020-28406

CVE-2020-28406 affects Star Practice Management Web version 2019.2.0.6, with an improper authorization flaw that lets an unauthorized user view details about jobs they should not access via the Audit Trail feature. The connected records confirm the same vulnerability description across multiple s...

6.5CVSS6.3AI score0.01342EPSS
CVE
CVE
added 2021/01/29 6:10 a.m.69 views

CVE-2020-28405

CVE-2020-28405 concerns an improper authorization flaw in Star Practice Management Web version 2019.2.0.6. An unauthorized user can change privileges for any user, enabling self-authorization to the administrative role or removing all administrative accounts. The vulnerability is described consis...

8.8CVSS8.6AI score0.01618EPSS
CVE
CVE
added 2021/01/29 6:7 a.m.68 views

CVE-2020-28402

CVE-2020-28402 affects Star Practice Management Web (v2019.2.0.6). The issue is an improper authorization that could allow an unauthorized user to access the Launcher Configuration Panel. Documented by multiple sources (NVD, Red Hat, CNVD and others) with no public exploitation details or fixes p...

8.8CVSS8.5AI score0.01416EPSS
CVE
CVE
added 2021/01/29 6:7 a.m.64 views

CVE-2020-28401

CVE-2020-28401 affects Star Practice Management Web (version 2019.2.0.6). The cited entries describe an improper authorization vulnerability that allows an unauthorized user to access WIP details for jobs they should not see. The core issue is access control: an attacker can retrieve sensitive WI...

6.5CVSS6.3AI score0.01306EPSS