CVE-2016-4328

Properties

Published:
08.06.2016
Updated:
10.06.2016
Patch available:
Severity:
High
CVSS vector:
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Product:
medhost: perioperative_information_management_system

Vulnerability description

MEDHOST Perioperative Information Management System (aka PIMS or VPIMS) before 2015R1 has hardcoded credentials, which makes it easier for remote attackers to obtain sensitive information via direct requests to the application database server.

References:

CERT-VN:http://www.kb.cert.org/vuls/id/482135