CVE-2018-15719

Summary

Open Dental before version 18.4 installs a mysql database and uses the default credentials of "root" with a blank password. This allows anyone on the network with access to the server to access all database information.

Affected Software

VendorProductVersion RangeStatus
Open DentalOpen Dental18.3 and belowaffected

Weaknesses

  • CWE-255: CWE-255 Credentials management

ADP Enrichment

CVE Program Container

Additional References

References