#VU29510 Hidden functionality in OpenClinic GA - CVE-2020-14487
Published: July 3, 2020
Vulnerability identifier: #VU29510
Vulnerability risk: High
CVSSv4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:U/U:Amber
CVE-ID: CVE-2020-14487
CWE-ID: CWE-912
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vulnerable software:
OpenClinic GA
OpenClinic GA
Software vendor:
Frank Verbeke
Frank Verbeke
Description
The vulnerability allows a remote attacker to compromise vulnerable system
The vulnerability exists due to hidden functionality (backdoor) is present in software. A remote attacker can use this functionality to gain full access to the application and compromise the affected system.
Remediation
Cybersecurity Help is currently unaware of any official solution to address this vulnerability.