Vulnerabilities > CVE-2020-28405 - Incorrect Authorization vulnerability in Iris Star Practice Management 2019.2.0.6
Attack vector
NETWORK Attack complexity
LOW Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL Summary
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to change the privileges of any user of the application. This can be used to grant himself the administrative role or remove all administrative accounts of the application.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |