Описание
NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User access in the client application is restricted by a password authentication check in the client software but the underlying database connection always has access. The latest version of NMIS/BioDose introduces an option to use Windows user authentication with the database, which would restrict this database connection.
Ссылки
- Third Party Advisory
Уязвимые конфигурации
EPSS
8.3 High
CVSS3
8.8 High
CVSS3
Дефекты
Связанные уязвимости
NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User access in the client application is restricted by a password authentication check in the client software but the underlying database connection always has access. The latest version of NMIS/BioDose introduces an option to use Windows user authentication with the database, which would restrict this database connection.
EPSS
8.3 High
CVSS3
8.8 High
CVSS3