- Description
- WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration.
- Source
- cve@mitre.org
- NVD status
- Deferred
CVSS 2.0
- Type
- Primary
- Base score
- 5
- Impact score
- 2.9
- Exploitability score
- 10
- Vector string
- AV:N/AC:L/Au:N/C:P/I:N/A:N
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:esi_products:webeoc:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "09DA3374-FE82-4EAD-97A7-506648D89D4E",
"versionEndIncluding": "6.0.1"
}
],
"operator": "OR"
}
]
}
]