OpenEMR 7.0.1 Authentication Brute Force Mitigation Bypass
Details
CVSS v3
7.5
CVSS v4
8.7
Affected versions
Not available in our cache.
Summary
OpenEMR 7.0.1 contains an authentication brute force vulnerability that allows attackers to bypass rate limiting protections by sending repeated login attempts to the main login endpoint. Attackers can submit POST requests with authUser and clearPass parameters to systematically test username and password combinations without account lockout restrictions.
TopVuln sends digest emails with high-risk CVE picks across multiple authoritative sources—curated with EPSS and AI. Choose daily per-stream emails and optional weekly or monthly roundups.