An attacker can exploit the SQL injection flaw to execute arbitrary SQL commands with the privileges of the system user. In addition to the SQL injection flaw, the Patient Management System v1.0 was found to contain multiple security issues, including:

No anti-CSRF token was implemented on the application.

An insufficient input sanitization policy was in place, which allowed users to input characters that caused SQL injections.

Unsecured file uploads were in place on the application.

Insecure direct object references were used in the application.

Incorrectly enabled access_control settings were in place.

An incomplete authorization policy was in place.

An insufficiently restrictive access control list was in place.

An unvalidated session cookie was in place.

An insecure session authentication method was in place.

An insecure cookie authentication method was in place.

The application did not implement a CSRF mitigation policy.

An insecure link path was in place.

The application’s favicon was not signed with a trusted certificate.

An outdated software version was installed on the target system.

The application did not have the PGP/GPG key fingerprint signed with a trusted certificate.

The Patient Management System v1.0 was found to be publicly available on the Internet. Therefore, an attacker could easily exploit this application to gain SYSTEM access to a targeted system. An attacker could then install a malicious

Vulnerability discovery and analysis

This vulnerability was found when a researcher discovered the Patient Management System v1.0 on the Internet and notified the vendor of this security issue.

Software Requirements

The Patient Management System v1.0 is a web application that requires Microsoft .NET Framework version 4.6 or higher for execution.

Timeline

Published on: 09/02/2022 05:15:00 UTC
Last modified on: 09/02/2022 21:48:00 UTC

References