CVE-2020-14489

MEDIUM

OpenClinic GA 5.09.02 and 5.89.05b - Insufficiently Protected Credentials

Title source: llm
STIX 2.1

Description

OpenClinic GA 5.09.02 and 5.89.05b stores passwords using inadequate hashing complexity, which may allow an attacker to recover passwords using known password cracking techniques.

References (1)

Core 1
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://us-cert.cisa.gov/ics/advisories/ICSMA-20-184-01

Scores

CVSS v3 6.2
EPSS 0.0098
EPSS Percentile 57.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-522
Status published
Products (2)
openclinic_ga_project/openclinic_ga 5.09.02
openclinic_ga_project/openclinic_ga 5.89.05b
Published Jul 29, 2020
Tracked Since Feb 18, 2026