#VU12395 Security restrictions bypass in OpenEMR - CVE-2018-10573

Cybersecurity Help s.r.o.

Published: 2018-05-07 | Updated: 2020-05-27

Vulnerability identifier: #VU12395

Vulnerability risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-10573

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
OpenEMR
Client/Desktop applications / Other client software

Vendor: OpenEMR

Description
The vulnerability allows a remote authenticated attacker to bypass security restrictions on the target system.

The weakness exists in the interface/fax/fax_dispatch.php code due improper security restrictions. A remote attacker can send specially crafted input to the scan parameter and bypass access restrictions.

Mitigation
Update to version 5.0.1.

Vulnerable software versions

OpenEMR: 4.1 - 5.0

External links
https://github.com/openemr/openemr/pull/1519
https://github.com/openemr/openemr/issues/1518

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Security restrictions bypass in OpenEMR