Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
NVD Vulnerability Details :
CVE-2024-1228
Modified
More InfoOfficial Page
Source-cvd@cert.pl
View Known Exploited Vulnerability (KEV) details
Published At-10 Jun, 2024 | 12:15
Updated At-03 Oct, 2025 | 09:15

Use of hard-coded password to the patients' database allows an attacker to retrieve sensitive data stored in the database. The password is the same among all Eurosoft Przychodnia installations. This issue affects Eurosoft Przychodnia software before version 20240417.001 (from that version vulnerability is fixed).

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.09.3CRITICAL
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Red
Primary3.19.8CRITICAL
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:U/V:C/RE:M/U:Red
Type: Primary
Version: 3.1
Base score: 9.8
Base severity: CRITICAL
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
CPE Matches
eurosoft
eurosoft
>>przychodnia>>Versions before 20240417.001(exclusive)
cpe:2.3:a:eurosoft:przychodnia:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-259Primarycvd@cert.pl
CWE-798Secondarynvd@nist.gov
CWE ID: CWE-259
Type: Primary
Source: cvd@cert.pl
CWE ID: CWE-798
Type: Secondary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://cert.pl/en/posts/2024/06/CVE-2024-1228/cvd@cert.pl
Third Party Advisory
https://cert.pl/posts/2024/06/CVE-2024-1228/cvd@cert.pl
Third Party Advisory
https://www.eurosoft.com.pl/eurosoft-przychodniacvd@cert.pl
Product
https://cert.pl/en/posts/2024/06/CVE-2024-1228/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://cert.pl/posts/2024/06/CVE-2024-1228/af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://www.eurosoft.com.pl/eurosoft-przychodniaaf854a3a-2127-422b-91ae-364da2661108
Product
Hyperlink: https://cert.pl/en/posts/2024/06/CVE-2024-1228/
Source: cvd@cert.pl
Resource:
Third Party Advisory
Hyperlink: https://cert.pl/posts/2024/06/CVE-2024-1228/
Source: cvd@cert.pl
Resource:
Third Party Advisory
Hyperlink: https://www.eurosoft.com.pl/eurosoft-przychodnia
Source: cvd@cert.pl
Resource:
Product
Hyperlink: https://cert.pl/en/posts/2024/06/CVE-2024-1228/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://cert.pl/posts/2024/06/CVE-2024-1228/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://www.eurosoft.com.pl/eurosoft-przychodnia
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Product
Change History
0Changes found
Details not found