High severity7.5OSV Advisory· Published Nov 4, 2017· Updated Jun 17, 2026
CVE-2017-16540
CVE-2017-16540
Description
OpenEMR before 5.0.0 Patch 5 allows unauthenticated remote database copying because setup.php exposes functionality for cloning an existing OpenEMR site to an arbitrary attacker-controlled MySQL server via vectors involving a crafted state parameter.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
3- www.open-emr.org/wiki/index.php/OpenEMR_PatchesnvdIssue TrackingPatchVendor Advisory
- isears.github.io/jekyll/update/2017/10/28/openemr-database-disclosure.htmlnvdExploitIssue TrackingThird Party Advisory
- www.securityfocus.com/bid/101983nvd
News mentions
0No linked articles in our index yet.