Vulnerabilities > Openclinic GA Project > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-20 | CVE-2020-14494 | Improper Restriction of Excessive Authentication Attempts vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system that does not provide sufficient complexity to protect against brute force attacks, which may allow unauthorized users to access the system after no more than a fixed maximum number of attempts. | 9.8 |
2020-07-20 | CVE-2020-14485 | Improper Authentication vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to bypass client-side access controls or use a crafted request to initiate a session with limited functionality, which may allow execution of admin functions such as SQL queries. | 9.8 |
2020-07-20 | CVE-2020-14484 | Improper Restriction of Excessive Authentication Attempts vulnerability in Openclinic GA Project Openclinic GA 5.09.02/5.89.05B OpenClinic GA versions 5.09.02 and 5.89.05b may allow an attacker to bypass the system’s account lockout protection, which may allow brute force password attacks. | 9.8 |