Opendental: >> Opendental >> 16.2 Security Vulnerabilities
Open Dental before version 18.4 stores user passwords as base64 encoded MD5 hashes.
CVSS Score
5.3
EPSS Score
0.001
Published
2018-12-12
Open Dental before version 18.4 transmits the entire user database over the network when a remote unauthenticated user accesses the command prompt. This allows the attacker to gain access to usernames, password hashes, privilege levels, and more.
CVSS Score
7.5
EPSS Score
0.005
Published
2018-12-12
Open Dental before version 18.4 installs a mysql database and uses the default credentials of "root" with a blank password. This allows anyone on the network with access to the server to access all database information.
CVSS Score
9.8
EPSS Score
0.003
Published
2018-12-12