CVE-2020-14487

Summary

OpenClinic GA 5.09.02 contains a hidden default user account that may be accessed if an administrator has not expressly turned off this account, which may allow an attacker to login and execute arbitrary commands.

Affected Software

VendorProductVersion RangeStatus
open sourceOpenClinic GA5.09.02affected

Weaknesses

  • CWE-912: HIDDEN FUNCTIONALITY CWE-912

Workarounds

OpenClinic GA is aware of these vulnerabilities but has not provided any confirmation of their resolution. Please upgrade to the latest version to ensure you have all current fixes.

ADP Enrichment

CVE Program Container

Additional References

References