CVE-2020-14494

OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system that does not provide sufficient complexity to protect against brute force attacks, which may allow unauthorized users to access the system after no more than a fixed maximum number of attempts.
References
Link Resource
https://us-cert.cisa.gov/ics/advisories/icsma-20-184-01 Third Party Advisory US Government Resource
Configurations

Configuration 1

cpe:2.3:a:openclinic_ga_project:openclinic_ga:5.09.02:*:*:*:*:*:*:*
cpe:2.3:a:openclinic_ga_project:openclinic_ga:5.89.05b:*:*:*:*:*:*:*

Information

Published : 2020-07-20 03:15

Updated : 2021-11-04 06:22


NVD link : CVE-2020-14494

Mitre link : CVE-2020-14494

Products Affected
No products.
CWE
CWE-307

Improper Restriction of Excessive Authentication Attempts