CVE-2024-11073

Published Nov 11, 2024

Last updated 5 days ago

CVSS medium 5.3

Overview

Description
A vulnerability classified as problematic has been found in SourceCodester Hospital Management System 1.0. This affects an unknown part of the file /vm/patient/delete-account.php. The manipulation of the argument id leads to improper authorization. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Source
cna@vuldb.com
NVD status
Undergoing Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
5.3
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
MEDIUM

CVSS 3.1

Type
Secondary
Base score
4.3
Impact score
1.4
Exploitability score
2.8
Vector string
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Severity
MEDIUM

CVSS 2.0

Type
Secondary
Base score
4
Impact score
2.9
Exploitability score
8
Vector string
AV:N/AC:L/Au:S/C:N/I:P/A:N

Weaknesses

cna@vuldb.com
CWE-266

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

1

  1. 🚨 CVE-2024-11073 (Published: 2024-11-11) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/p9N9jYjPZ7 #CyberSecurity… https://t.co

    @transilienceai

    15 Nov 2024

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 CVE-2024-11073 (Published: 2024-11-11) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/p9N9jYjPZ7 #CyberSecurity… https://t.co

    @transilienceai

    15 Nov 2024

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 CVE-2024-11073 (Published: 2024-11-11) - Critical vulnerability in Vaidya Mitra. Affects specific versions of the Hospital Management System, allowing unauthorized deletion of patient accounts via IDOR. 🔒 Remediation: Update to the latest version and review access controls.…

    @transilienceai

    15 Nov 2024

    9 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 CVE-2024-11073 (Published: 2024-11-11) - Critical vulnerability in Vaidya Mitra. Exploited in specific versions, this IDOR flaw can lead to unauthorized deletion of patient accounts. 🏥💔 Remediation is crucial! Check the details and patch your systems: [GitHub… https://t.co/b

    @transilienceai

    15 Nov 2024

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨 CVE-2024-11073 (Published: 2024-11-11) - Critical vulnerability in Vaidya Mitra. Affects specific versions of the Hospital Management System, allowing IDOR exploitation leading to deletion of patient accounts. 🔒 Remediation: Update to the latest version and review access… htt

    @transilienceai

    15 Nov 2024

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨 CVE-2024-11073 (Published: 2024-11-11) - High severity vulnerability in SourceCodester. Affects multiple versions. Remediation is crucial! Ensure your systems are updated to mitigate risks. For more details, check the link: [https://t.co/5COmSs73pM) #CVE #CyberSecurity

    @transilienceai

    15 Nov 2024

    5 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨 CVE-2024-11073 (Published: 2024-11-11) - A high-severity vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release to mitigate risks. For detailed remediation steps, check the link: https://t.co/W9cXZPe3ti #CyberSecurity #CVE

    @transilienceai

    15 Nov 2024

    4 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 🚨 CVE-2024-11073 (Published: 2024-11-11) - A critical vulnerability in SourceCodester affects multiple versions. Users are urged to update to the latest release to mitigate risks. For more details and remediation steps, visit: https://t.co/p9N9jYji9z #CyberSecurity… https://t.co

    @transilienceai

    15 Nov 2024

    10 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2024-11073 A vulnerability classified as problematic has been found in SourceCodester Hospital Management System 1.0. This affects an unknown part of the file /vm/patient/delete… https://t.co/rcNP4HGcy7

    @CVEnew

    11 Nov 2024

    65 Impressions

    2 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References