DEXIS is a dental x-ray imaging software that manages patient records. DEXIS Imaging Suite 10 contains several hard-coded credentials allowing administrative or root access to the patient database.
CWE-798: Use of Hard-coded Credentials - CVE-2016-6532
DEXIS Imaging Suite 10 contains several hard-coded database credentials allowing administrative or root access to the patient database. Other versions of DEXIS may also be affected.
A remote, unauthenticated attacker may be able to gain administrative access to the DEXIS patient database.
Update the database credentials
Restrict network access
Thanks to Justin Shafer for reporting this vulnerability.
|Date First Published:||2016-09-07|
|Date Last Updated:||2016-09-07 14:40 UTC|