Vulnerabilities > CVE-2020-28402 - Incorrect Authorization vulnerability in Iris Star Practice Management 2019.2.0.6

047910
CVSS 6.5 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
iris
CWE-863

Summary

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access Launcher Configuration Panel.

Vulnerable Configurations

Part Description Count
Application
Iris
1

Common Weakness Enumeration (CWE)