Vulnerabilities (CVE)

Filtered by vendor Iris Subscribe

Filtered by product Star Practice Management

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-28405	1 Iris	1 Star Practice Management	2021-07-21	6.5 MEDIUM	8.8 HIGH
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to change the privileges of any user of the application. This can be used to grant himself the administrative role or remove all administrative accounts of the application.
CVE-2020-28402	1 Iris	1 Star Practice Management	2021-07-21	6.5 MEDIUM	8.8 HIGH
An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access Launcher Configuration Panel.