Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2021-25923

Date: June 24, 2021

Overview

In OpenEMR, versions 5.0.0 to 6.0.0.1 are vulnerable to weak password requirements as it does not enforce a maximum password length limit. If a malicious user is aware of the first 72 characters of the victim user’s password, he can leverage it to an account takeover.

Details

The “OpenEMR” application does not enforce a maximum password length limit during the user creation mechanism which may lead to complete account takeover of an affected user during certain edge cases. The vulnerability can be reproduced assuming the malicious user is aware of the first 72 characters of the victim user’s password.

PoC Details

Login to the application as Administrator.
Sign in with user “testcase1” with password:
“Aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa@123”
Result: Sign in successful

Affected Environments

5.0.0-6.0.0.1

Prevention

Upgrade to 6.0.0.2

Language: PHP

Good to know:

icon

Weak Password Requirements

CWE-521
icon

Upgrade Version

Upgrade to version v6_0_0_2

Learn More

Base Score:
Attack Vector (AV): Network
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope (S): Unchanged
Confidentiality (C): High
Integrity (I): High
Availability (A): High
Base Score:
Access Vector (AV): Network
Access Complexity (AC): Medium
Authentication (AU): None
Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
Additional information:

Related Resources (4)

https://github.com/openemr/openemr/commit/28ca5c008d4a408b60001a67dfd3e0915f9181e0
https://nvd.nist.gov/vuln/detail/CVE-2021-25923
https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25923
https://www.mend.io/vulnerability-database/CVE-2021-25923