CVE-2016-2343

Vulnerability

Patterson Dental Eaglesoft version 17 (and possibly other versions) contains a hardcoded database password of sql for the dba account [1]. This credential is shared across all installations and cannot be changed by administrators without breaking database access [1]. The vulnerability is classified as CWE-798: Use of Hard-coded Credentials [1].

Exploitation

An attacker with network access to the Eaglesoft database can use the known hardcoded credentials (dba / sql) to authenticate and execute arbitrary SQL statements [1]. No authentication or user interaction is required beyond network connectivity to the database service [1]. The attacker does not need prior access to the Eaglesoft application itself.

Impact

Successful exploitation allows the attacker to retrieve sensitive patient information stored in the Dental.DB database, including personal health records [1]. The impact is a breach of confidentiality; the attacker gains read access to the entire database contents without any privilege escalation [1].

Mitigation

As of the CERT/CC publication date (2016-03-30), no vendor-supplied fix was available [1]. The recommended workarounds include restricting network access to the database to trusted hosts and networks, and ensuring the database is not accessible over insecure wireless networks (use WPA2 encryption, disable WPS) [1]. Administrators cannot change the hardcoded password without breaking database functionality [1]. The product may be considered end-of-life; users should consult the vendor for current support status.