CVE-2022-1177

Accounting User Can Download Patient Reports in openemr in GitHub repository openemr/openemr prior to 6.1.0.
Configurations

Configuration 1 (hide)

cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:*

History

21 Nov 2024, 06:40

Type Values Removed Values Added
References () https://github.com/openemr/openemr/commit/a2e918abcf15f9fc1f7cb4a1f2b09ff019021175 - Patch, Third Party Advisory () https://github.com/openemr/openemr/commit/a2e918abcf15f9fc1f7cb4a1f2b09ff019021175 - Patch, Third Party Advisory
References () https://huntr.dev/bounties/0bb2979b-9643-4cdf-ab58-4354976b481b - Exploit, Patch, Third Party Advisory () https://huntr.dev/bounties/0bb2979b-9643-4cdf-ab58-4354976b481b - Exploit, Patch, Third Party Advisory

Information

Published : 2022-03-30 11:15

Updated : 2024-11-21 06:40


NVD link : CVE-2022-1177

Mitre link : CVE-2022-1177

CVE.ORG link : CVE-2022-1177


JSON object : View

Products Affected

open-emr

  • openemr
CWE
CWE-1220

Insufficient Granularity of Access Control

CWE-863

Incorrect Authorization