CVE-2018-15152 Information

Description

Authentication bypass vulnerability in portal/account/register.php in versions of OpenEMR before 5.0.1.4 allows a remote attacker to access (1) portal/add_edit_event_user.php (2) portal/find_appt_popup_user.php (3) portal/get_allergies.php (4) portal/get_amendments.php (5) portal/get_lab_results.php (6) portal/get_medications.php (7) portal/get_patient_documents.php (8) portal/get_problems.php (9) portal/get_profile.php (10) portal/portal_payment.php (11) portal/messaging/messages.php (12) portal/messaging/secure_chat.php (13) portal/report/pat_ledger.php (14) portal/report/portal_custom_report.php or (15) portal/report/portal_patient_report.php without authenticating as a patient.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Reference

https://github.com/openemr/openemr/pull/1758/files
https://insecurity.sh/reports/openemr.pdf
https://www.databreaches.net/openemr-patches-serious-vulnerabilities-uncovered-by-project-insecurity/
https://www.open-emr.org/wiki/index.php/OpenEMR_Patches

Attack Complexity

LOW

Privileges Required

NONE

User Interaction Required

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

Base Score

9.1

Base Severity

CRITICAL
