CVE-2018-15718

Summary

Open Dental before version 18.4 transmits the entire user database over the network when a remote unauthenticated user accesses the command prompt. This allows the attacker to gain access to usernames, password hashes, privilege levels, and more.

Affected Software

VendorProductVersion RangeStatus
Open DentalOpen Dental18.3 and belowaffected

Weaknesses

  • CWE-200: CWE-200 Information Exposure

ADP Enrichment

CVE Program Container

Additional References

References