CVE-2017-11694

{"id": "CVE-2017-11694", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.4, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N", "authentication": "NONE", "integrityImpact": "PARTIAL", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 9.1, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 3.9}]}, "published": "2017-07-28T13:29:00.227", "references": [{"url": "http://seclists.org/fulldisclosure/2017/Jul/71", "tags": ["Mailing List", "Third Party Advisory"], "source": "cve@mitre.org"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-798"}]}], "descriptions": [{"lang": "en", "value": "MEDHOST Document Management System contains hard-coded credentials that are used for Apache Solr access. An attacker with knowledge of the hard-coded credentials and the ability to communicate directly with Apache Solr may be able to obtain or modify sensitive patient and financial information. The Apache Solr account name is dms. The password is hard-coded throughout the application, and is the same across all installations. Customers do not have the option to change passwords. The dms account for Apache Solr has access to all indexed patient documents."}, {"lang": "es", "value": "El sistema de gesti\u00f3n de documentos de MEDHOST contiene credenciales codificadas que son usadas para el acceso a Apache Solr. Un atacante con conocimiento de las credenciales codificadas y la capacidad de comunicarse directamente con Apache Solr puede obtener o modificar informaci\u00f3n financiera y confidencial del paciente. El nombre de la cuenta Apache Solr es dms. La contrase\u00f1a est\u00e1 codificada en toda la aplicaci\u00f3n y es la misma en todas las instalaciones. Los clientes no tienen la opci\u00f3n de cambiar las contrase\u00f1as. La cuenta dms para Apache Solr tiene acceso a todos los documentos de pacientes indexados."}], "lastModified": "2017-08-15T17:30:12.700", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:medhost:medhost_document_management_system:-:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "2DE13E75-1EDB-4F32-952A-0ED20F12A3E9"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}