Security Advisory

CVE-2020-28937

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-12-03 15:54:36

Last updated 2024-08-04 16:47:59

Assigner mitre

State PUBLISHED

Description

OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patients medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request for the /tests/ URI.

← Browse all CVEs View on cve.org ↗