ГлавнаяУязвимости → CVE-2024-23747
7.5высокая

CVE-2024-23747

Описание

The Moderna Sistemas ModernaNet Hospital Management System 2024 is susceptible to an Insecure Direct Object Reference (IDOR) vulnerability. This vulnerability resides in the system's handling of user data access through a /Modernanet/LAUDO/LAU0000100/Laudo?id= URI. By manipulating this id parameter, an attacker can gain access to sensitive medical information.

Затрагиваемое ПО
Modernasistemas Modernanet hospital management system 2024
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Источники
https://github.com/louiselalanne/CVE-2024-23747https://modernasistemas.com.br/sitems/https://github.com/louiselalanne/CVE-2024-23747https://modernasistemas.com.br/sitems/