CVE-2018-15719critical
Description
Open Dental before version 18.4 installs a mysql database and uses the default credentials of "root" with a blank password. This allows anyone on the network with access to the server to access all database information.
References
Details
Source: MITRE
Published: 2018-12-12
Updated: 2019-10-09
Type: CWE-521
Risk Information
CVSS v2
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
CVSS v3
Base Score: 9.8
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Impact Score: 5.9
Exploitability Score: 3.9
Severity: CRITICAL