Session Fixation Vulnerability in eClinicalWorks Population Health (CCMR)

Session Fixation Vulnerability in eClinicalWorks Population Health (CCMR)

CVE-2015-4594 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

eClinicalWorks Population Health (CCMR) suffers from a session fixation vulnerability. When authenticating a user, the application does not assign a new session ID, making it possible to use an existent session ID.

Learn more about our User Device Pen Test.