CVE-2018-10571 - OpenCVE

Vendors	Products
Open-emr	Openemr

Link	Resource
https://csticsfrontline.wordpress.com/2018/05/24/openemr-%E5%BC%B1%E9%BB%9E%E5%88%86%E6%9E%90/
https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051	Patch Third Party Advisory
https://github.com/openemr/openemr/issues/1518	Third Party Advisory
https://github.com/openemr/openemr/pull/1519	Patch Third Party Advisory
https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1	Release Notes Third Party Advisory Vendor Advisory

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-04-30T00:00:00", "descriptions": [{"lang": "en", "value": "Multiple reflected cross-site scripting (XSS) vulnerabilities in OpenEMR before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) patient parameter to interface/main/finder/finder_navigation.php; (2) key parameter to interface/billing/get_claim_file.php; (3) formid or (4) formseq parameter to interface/orders/types.php; (5) eraname, (6) paydate, (7) post_to_date, (8) deposit_date, (9) debug, or (10) InsId parameter to interface/billing/sl_eob_process.php; (11) form_source, (12) form_paydate, (13) form_deposit_date, (14) form_amount, (15) form_name, (16) form_pid, (17) form_encounter, (18) form_date, or (19) form_to_date parameter to interface/billing/sl_eob_search.php; (20) codetype or (21) search_term parameter to interface/de_identification_forms/find_code_popup.php; (22) search_term parameter to interface/de_identification_forms/find_drug_popup.php; (23) search_term parameter to interface/de_identification_forms/find_immunization_popup.php; (24) id parameter to interface/forms/CAMOS/view.php; (25) id parameter to interface/forms/reviewofs/view.php; or (26) list_id parameter to library/custom_template/personalize.php."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-06-13T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/openemr/openemr/issues/1518"}, {"tags": ["x_refsource_MISC"], "url": "https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/openemr/openemr/pull/1519"}, {"tags": ["x_refsource_MISC"], "url": "https://csticsfrontline.wordpress.com/2018/05/24/openemr-%E5%BC%B1%E9%BB%9E%E5%88%86%E6%9E%90/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-10571", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Multiple reflected cross-site scripting (XSS) vulnerabilities in OpenEMR before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) patient parameter to interface/main/finder/finder_navigation.php; (2) key parameter to interface/billing/get_claim_file.php; (3) formid or (4) formseq parameter to interface/orders/types.php; (5) eraname, (6) paydate, (7) post_to_date, (8) deposit_date, (9) debug, or (10) InsId parameter to interface/billing/sl_eob_process.php; (11) form_source, (12) form_paydate, (13) form_deposit_date, (14) form_amount, (15) form_name, (16) form_pid, (17) form_encounter, (18) form_date, or (19) form_to_date parameter to interface/billing/sl_eob_search.php; (20) codetype or (21) search_term parameter to interface/de_identification_forms/find_code_popup.php; (22) search_term parameter to interface/de_identification_forms/find_drug_popup.php; (23) search_term parameter to interface/de_identification_forms/find_immunization_popup.php; (24) id parameter to interface/forms/CAMOS/view.php; (25) id parameter to interface/forms/reviewofs/view.php; or (26) list_id parameter to library/custom_template/personalize.php."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051", "refsource": "MISC", "url": "https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051"}, {"name": "https://github.com/openemr/openemr/issues/1518", "refsource": "MISC", "url": "https://github.com/openemr/openemr/issues/1518"}, {"name": "https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1", "refsource": "MISC", "url": "https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1"}, {"name": "https://github.com/openemr/openemr/pull/1519", "refsource": "MISC", "url": "https://github.com/openemr/openemr/pull/1519"}, {"name": "https://csticsfrontline.wordpress.com/2018/05/24/openemr-%E5%BC%B1%E9%BB%9E%E5%88%86%E6%9E%90/", "refsource": "MISC", "url": "https://csticsfrontline.wordpress.com/2018/05/24/openemr-%E5%BC%B1%E9%BB%9E%E5%88%86%E6%9E%90/"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-10571", "datePublished": "2018-04-30T17:00:00", "dateReserved": "2018-04-30T00:00:00", "dateUpdated": "2018-06-13T16:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:*", "matchCriteriaId": "2B406066-3E51-4B10-A6FD-663A8F176989", "versionEndExcluding": "5.0.1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Multiple reflected cross-site scripting (XSS) vulnerabilities in OpenEMR before 5.0.1 allow remote attackers to inject arbitrary web script or HTML via the (1) patient parameter to interface/main/finder/finder_navigation.php; (2) key parameter to interface/billing/get_claim_file.php; (3) formid or (4) formseq parameter to interface/orders/types.php; (5) eraname, (6) paydate, (7) post_to_date, (8) deposit_date, (9) debug, or (10) InsId parameter to interface/billing/sl_eob_process.php; (11) form_source, (12) form_paydate, (13) form_deposit_date, (14) form_amount, (15) form_name, (16) form_pid, (17) form_encounter, (18) form_date, or (19) form_to_date parameter to interface/billing/sl_eob_search.php; (20) codetype or (21) search_term parameter to interface/de_identification_forms/find_code_popup.php; (22) search_term parameter to interface/de_identification_forms/find_drug_popup.php; (23) search_term parameter to interface/de_identification_forms/find_immunization_popup.php; (24) id parameter to interface/forms/CAMOS/view.php; (25) id parameter to interface/forms/reviewofs/view.php; or (26) list_id parameter to library/custom_template/personalize.php."}, {"lang": "es", "value": "M\u00faltiples vulnerabilidades de Cross-Site Scripting (XSS) reflejado en OpenEMR, en versiones anteriores a la 5.0.1, permiten que atacantes remotos inyecten scripts web o HTML arbitrarios mediante (1) el par\u00e1metro patient en interface/main/finder/finder_navigation.php; (2) el par\u00e1metro key en interface/billing/get_claim_file.php; (3) los par\u00e1metros formid o (4) formseq en interface/orders/types.php; (5) los par\u00e1metros eraname, (6) paydate, (7) post_to_date, (8) deposit_date, (9) debug o (10) InsId en interface/billing/sl_eob_process.php; (11) los par\u00e1metros form_source, (12) form_paydate, (13) form_deposit_date, (14) form_amount, (15) form_name, (16) form_pid, (17) form_encounter, (18) form_date o (19) form_to_date en interface/billing/sl_eob_search.php; (20) los par\u00e1metros codetype o (21) search_term en interface/de_identification_forms/find_code_popup.php; (22) el par\u00e1metro search_term en interface/de_identification_forms/find_drug_popup.php; (23) el par\u00e1metro search_term en interface/de_identification_forms/find_immunization_popup.php; (24) el par\u00e1metro id en interface/forms/CAMOS/view.php; (25) el par\u00e1metro id en interface/forms/reviewofs/view.php o (26) el par\u00e1metro list_id parameter en library/custom_template/personalize.php."}], "id": "CVE-2018-10571", "lastModified": "2018-06-14T01:29:32.867", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.0"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-04-30T17:29:00.220", "references": [{"source": "cve@mitre.org", "url": "https://csticsfrontline.wordpress.com/2018/05/24/openemr-%E5%BC%B1%E9%BB%9E%E5%88%86%E6%9E%90/"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/openemr/openemr/commit/699e3c2ef68545357cac714505df1419b8bf2051"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://github.com/openemr/openemr/issues/1518"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/openemr/openemr/pull/1519"}, {"source": "cve@mitre.org", "tags": ["Release Notes", "Third Party Advisory", "Vendor Advisory"], "url": "https://www.open-emr.org/wiki/index.php/Release_Features#Version_5.0.1"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

JSON object

JSON object

JSON object