CVE-2014-0348

The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to arbitrary domain accounts by using the corresponding username on a Windows client machine.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.5 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:S/C:P/I:N/A:N
certccCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 49%
VendorProductVersion
ontariosystemsartiva_architect
3.2:mr5
ontariosystemsartiva_healthcare
5.2:mr5
ontariosystemsartiva_rm
3.1:mr7
ontariosystemsartiva_workstation
1.3.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.kb.cert.org/vuls/id/215284
http://www.kb.cert.org/vuls/id/215284