CVE-2016-2343

EUVD-2016-3427
Patterson Dental Eaglesoft 17 has a hardcoded password of sql for the dba account, which allows remote attackers to obtain sensitive Dental.DB patient information via SQL statements.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9.8 CRITICAL
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
patterson_dentaleaglesoft
17.0
𝑥
= Vulnerable software versions
References
http://justinshafer.blogspot.com/2016/02/moving-onto-eaglesoft-aka-patterson.html
http://www.kb.cert.org/vuls/id/344432
http://justinshafer.blogspot.com/2016/02/moving-onto-eaglesoft-aka-patterson.html
http://www.kb.cert.org/vuls/id/344432