Vulnerabilities > CVE-2022-1459 - Authorization Bypass Through User-Controlled Key vulnerability in Open-Emr Openemr

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

LOW

network

low complexity

NVD

Published: 2022-04-25

Updated: 2022-05-04

Summary

Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr prior to 6.1.0.1.

Part	Description	Count
Application	Open-Emr Open EMR Openemr - Open EMR Openemr 2.0.1.2 Open EMR Openemr 2.7 Open EMR Openemr 2.7.1 Open EMR Openemr 2.7.2 Open EMR Openemr 2.7.3 Open EMR Openemr 2.8.0 Open EMR Openemr 2.8.1 Open EMR Openemr 2.8.2 Open EMR Openemr 2.8.3 Open EMR Openemr 2.9.0 Open EMR Openemr 3.0.0 Open EMR Openemr 3.0.1 Open EMR Openemr 3.1.0 Open EMR Openemr 3.2.0 Open EMR Openemr 4.0.0 Open EMR Openemr 4.1.0 Open EMR Openemr 4.1.1 Open EMR Openemr 4.1.2 Open EMR Openemr 4.1.2.3 Open EMR Openemr 4.1.2.6 Open EMR Openemr 4.1.2.7 Open EMR Openemr 4.2.0 Open EMR Openemr 4.2.0.3 Open EMR Openemr 4.2.1 Open EMR Openemr 4.2.2 Open EMR Openemr 5.0.0 Open EMR Openemr 5.0.0.5 Open EMR Openemr 5.0.0.6 Open EMR Openemr 5.0.1 Open EMR Openemr 5.0.1-6 Open EMR Openemr 5.0.1.1 Open EMR Openemr 5.0.1.2 Open EMR Openemr 5.0.1.3 Open EMR Openemr 5.0.1.4 Open EMR Openemr 5.0.1.5 Open EMR Openemr 5.0.1.6 Open EMR Openemr 5.0.1.7 Open EMR Openemr 5.0.2 Open EMR Openemr 5.0.2.1 Open EMR Openemr 5.0.2.2 Open EMR Openemr 5.0.2.3 Open EMR Openemr 5.0.2.4 Open EMR Openemr 5.0.2.5 Open EMR Openemr 6.0.0 Open EMR Openemr 6.0.0.1 Open EMR Openemr 6.0.0.2 Open EMR Openemr 6.0.0.3 Open EMR Openemr 6.0.0.4 Open EMR Openemr 6.1.0	58