Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Unprotected Exposed Firebird Database with default credentials
Vulnerability Description
An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the database includes patient data and login credentials among other sensitive data. In addition, this enables an attacker to create and overwrite arbitrary files on the server filesystem with the rights of the Firebird database ("NT AUTHORITY\SYSTEM").
CVSS Information
N/A
Vulnerability Type
CWE-1393
Vulnerability Title
HASOMED Elefant 安全漏洞
Vulnerability Description
HASOMED Elefant是德国HASOMED公司的一个练习软件。专门满足心理治疗师、儿童和青少年心理治疗师以及医学心理治疗师的需求。 HASOMED Elefant 24.04.00之前版本和Elefant Software Updater 1.4.2.1811之前版本存在安全漏洞,该漏洞源于存在弱口令与权限提升漏洞,会导致患者数据、登录凭证等敏感信息泄露。
CVSS Information
N/A
Vulnerability Type
N/A