Unrated severityNVD Advisory· Published Dec 3, 2020· Updated Aug 4, 2024
CVE-2020-28937
CVE-2020-28937
Description
OpenClinic version 0.8.2 is affected by a missing authentication vulnerability that allows unauthenticated users to access any patient's medical test results, possibly resulting in disclosure of Protected Health Information (PHI) stored in the application, via a direct request for the /tests/ URI.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- OpenClinic/OpenClinicdescription
- Range: = 0.8.2
Patches
Vulnerability mechanics
References
1- labs.bishopfox.com/advisories/openclinic-version-0.8.2mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.