Vulnerabilities > CVE-2020-14486 - Incorrect Authorization vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B

047910
CVSS 8.8 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
openclinic-ga-project
CWE-863
NVD
Published: 2020-07-29
Updated: 2020-07-29

Summary

An attacker may bypass permission/authorization checks in OpenClinic GA 5.09.02 and 5.89.05b by ignoring the redirect of a permission failure, which may allow unauthorized execution of commands.

Vulnerable Configurations

Part Description Count
Application
Openclinic_Ga_Project
2

Common Weakness Enumeration (CWE)

References