Security News > 2023 > October > Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data

Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data
2023-10-26 05:23

Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability. Tracked as CVE-2023-43208, the vulnerability has been addressed in version 4.4.1 released on October 6, 2023. "This is an easily exploitable, unauthenticated remote code


News URL

https://thehackernews.com/2023/10/critical-flaw-in-nextgens-mirth-connect.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2023-10-26 CVE-2023-43208 OS Command Injection vulnerability in Nextgen Mirth Connect
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote code execution.
network
low complexity
nextgen CWE-78
critical
 9.8
9.8