CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-1000647

LibreHealthIO lh-ehr version REL-2.0.0 contains a Authenticated Unrestricted File Deletion vulnerability in Import template that can result in Denial of service. This attack appear to be exploitable via User controlled parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.01

EPSS Ranking 75.4%

CVSS Severity

CVSS v3 Score 7.1

CVSS v2 Score 5.5

References

https://0dd.zone/2018/08/07/lh-ehr-Authenticated-File-Deletion/
https://github.com/LibreHealthIO/lh-ehr/issues/1212
https://0dd.zone/2018/08/07/lh-ehr-Authenticated-File-Deletion/
https://github.com/LibreHealthIO/lh-ehr/issues/1212

Products affected by CVE-2018-1000647

Librehealth » Librehealth Ehr » Version: 2.0.0

cpe:2.3:a:librehealth:librehealth_ehr:2.0.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-1000647

Products

Pricing

Contact Us