CVE-2024-50589

Published at:
2024-11-08T12:15:14.707
Source: 551230f0-3615-47bd-b7cc-93e92e730bbf

Global infos:

An unauthenticated attacker with access to the local network of the medical office can query an unprotected Fast Healthcare Interoperability Resources (FHIR) API to get access to sensitive electronic health records (EHR).

CVE Status: Awaiting Analysis

References:

  • 551230f0-3615-47bd-b7cc-93e92e730bbf
  • 551230f0-3615-47bd-b7cc-93e92e730bbf
    •

    Metrics:

    AttributeValue
    Attack ComplexityLOW
    Attack VectorNETWORK
    Availability ImpactNONE
    Base Score7.5
    Base SeverityHIGH
    Confidentiality ImpactHIGH
    Integrity ImpactNONE
    Privileges RequiredNONE
    ScopeUNCHANGED
    User InteractionNONE
    Vector StringCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    Exploitability Score3.9
    Impact Score3.6
    Source134c704f-9b21-4f2e-91b3-4a467353bcc0
    TypeSecondary

    Links:

    Exploit-db
    Github

    Most recherched CVEs
    Popular Keywords