Description
The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to arbitrary domain accounts by using the corresponding username on a Windows client machine.
References (1)
Core 1
Core References
US Government Resource third-party-advisory
x_refsource_cert-vn
http://www.kb.cert.org/vuls/id/215284
Scores
EPSS
0.0088
EPSS Percentile
54.5%
Details
CWE
CWE-287
Status
published
Products (4)
ontariosystems/artiva_architect
3.2 mr5
ontariosystems/artiva_healthcare
5.2 mr5
ontariosystems/artiva_rm
3.1 mr7
ontariosystems/artiva_workstation
1.3.0
Published
Apr 15, 2014
Tracked Since
Feb 18, 2026