Vulnerabilities > CVE-2021-32077 - Unspecified vulnerability in Veritystream Msow Solutions
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
Primary Source Verification in VerityStream MSOW Solutions before 3.1.1 allows an anonymous internet user to discover Social Security Number (SSN) values via a brute-force attack on a (sometimes hidden) search field, because the last four SSN digits are part of the supported combination of search selectors. This discloses doctors' and nurses' social security numbers and PII.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |