Vulnerabilities > CVE-2012-4952 - Credentials Management vulnerability in Dentrix G5

CVSS 0.0 - NONE

Attack vector

UNKNOWN

Attack complexity

UNKNOWN

Privileges required

UNKNOWN

Confidentiality impact

UNKNOWN

Integrity impact

UNKNOWN

Availability impact

UNKNOWN

dentrix

CWE-255

NVD

Published: 2013-05-01

Updated: 2024-11-21

Summary

Henry Schein Dentrix G5 before 15.1.294 has a single internal-database password that is shared across different customers' installations, which allows remote attackers to obtain sensitive information about patients by leveraging knowledge of this password from another installation.

Vulnerable Configurations

Part	Description	Count
Application	Dentrix Dentrix G5 *	1

Common Weakness Enumeration (CWE)

CWE-255 - Credentials Management

References

http://www.dentrix.com/support/software-updates/g5.aspx
http://www.dentrix.com/support/software-updates/g5.aspx
http://www.kb.cert.org/vuls/id/948155
http://www.kb.cert.org/vuls/id/948155
http://www.kb.cert.org/vuls/id/JALR-8ZRHUK
http://www.kb.cert.org/vuls/id/JALR-8ZRHUK