Vulnerabilities > CVE-2016-4328 - Hard Coded Credentials Authentication Bypass vulnerability in MEDHOST PIMS

047910
CVSS 10.0 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
network
low complexity
medhost
critical
NVD
Published: 2016-06-10
Updated: 2016-06-10

Summary

MEDHOST Perioperative Information Management System (aka PIMS or VPIMS) before 2015R1 has hardcoded credentials, which makes it easier for remote attackers to obtain sensitive information via direct requests to the application database server. <a href="http://cwe.mitre.org/data/definitions/798.html">CWE-798: Use of Hard-coded Credentials</a>

Vulnerable Configurations

Part Description Count
Application
Medhost
1

Packetstorm

References