Use of hard-coded password to the patients' database...
Critical severity
Unreviewed
Published
Jun 10, 2024
to the GitHub Advisory Database
•
Updated Jun 12, 2024
Description
Published by the National Vulnerability Database
Jun 10, 2024
Published to the GitHub Advisory Database
Jun 10, 2024
Last updated
Jun 12, 2024
Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. The password is the same among all drEryk Gabinet installations.This issue affects drEryk Gabinet software versions from 7.0.0.0 through 9.17.0.0.
References