CVE-2022-1459: Non-Privilege User Can View Patient’s Disclosures in openemr/openemr
First published: Mon Apr 25 2022(Updated: )
Non-Privilege User Can View Patient’s Disclosures in GitHub repository openemr/openemr prior to 6.1.0.1.
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Open-emr Openemr | <6.1.0.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2022-1459.
What is the severity rating of CVE-2022-1459?
CVE-2022-1459 has a severity rating of 8.3 (high).
What is the affected software for this vulnerability?
The affected software for this vulnerability is Open-emr Openemr version up to exclusive 6.1.0.1.
How can a non-privilege user view patient's disclosures in the Open-emr Openemr repository prior to version 6.1.0.1?
A non-privilege user can view patient's disclosures in the Open-emr Openemr repository prior to version 6.1.0.1 due to the vulnerability.
Is there a fix available for CVE-2022-1459?
Yes, a fix is available. It is recommended to update to Open-emr Openemr version 6.1.0.1 or higher.
- collector/nvd-index
- agent/weakness
- agent/references
- agent/type
- agent/remedy
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/title
- agent/author
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- agent/source
- vendor/open-emr
- canonical/open-emr openemr