Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Session generation possible with certificate number only
Vulnerability Description
The CGM CLININET system provides smart card authentication; however, authentication is conducted locally on the client device, and, in reality, only the certificate number is used for access verification. As a result, possession of the certificate number alone is sufficient for authentication, regardless of the actual presence of the smart card or ownership of the private key.
CVSS Information
N/A
Vulnerability Type
使用客户端的认证机制
Vulnerability Title
CGM CLININET 安全漏洞
Vulnerability Description
CGM CLININET是德国CGM公司的一款医院信息管理系统。 CGM CLININET存在安全漏洞,该漏洞源于智能卡身份验证存在缺陷,仅凭证书号即可通过验证。
CVSS Information
N/A
Vulnerability Type
N/A