Overview
- Description
- An unauthenticated attacker with access to the local network of the medical office can query an unprotected Fast Healthcare Interoperability Resources (FHIR) API to get access to sensitive electronic health records (EHR).
- Source
- 551230f0-3615-47bd-b7cc-93e92e730bbf
- NVD status
- Awaiting Analysis
Risk scores
CVSS 3.1
- Type
- Secondary
- Base score
- 7.5
- Impact score
- 3.6
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity
- HIGH
Social media
- Hype score
- Not currently trending
CVE-2024-50589 Unauthorized Local Network Access to Sensitive EHR via Unprotected FHIR API An attacker who is not logged in but can access the local network of a medical office may abuse an unsecured Fast Healthc... https://t.co/QORPoWBYjg
@VulmonFeeds
8 Nov 2024
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-50589 An unauthenticated attacker with access to the local network of the medical office can query an unprotected Fast Healthcare Interoperability Resources (FHIR) API to… https://t.co/5zi9rfMYRL
@CVEnew
8 Nov 2024
461 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes