Vulnerability in Hasomed Elefant
CVE-2024-50588
An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the database includes patient data and login cr…
EPSS: 0.004 (59.4th percentile) — read the EPSS interpretation.
Affected products
- Hasomed Elefant — versions <24.03.03
Weakness classification (CWE)
References
- r.sec-consult.com/hasomed (third-party-advisory)
- hasomed.de/produkte/elefant/ (patch)