VYPR
High severity7.5NVD Advisory· Published May 5, 2026· Updated May 5, 2026

CVE-2023-54347

CVE-2023-54347

Description

OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers can submit POST requests with authUser and clearPass parameters to systematically test username and password combinations without account lockout restrictions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Openemr/Openemrreferences3 versions
    (expand)+ 2 more
    • (no CPE)
    • cpe:2.3:a:open-emr:openemr:7.0.1:*:*:*:*:*:*:*
    • (no CPE)range: =7.0.1

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.