| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 6.3 | $0-$5k | 0.00 |
Summary
A vulnerability marked as critical has been reported in OpenEMR up to 6.x. This impacts an unknown function of the file setup.php. This manipulation causes path traversal. The identification of this vulnerability is CVE-2023-22974. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.
Details
A vulnerability was found in OpenEMR up to 6.x (Business Process Management Software). It has been declared as critical. Affected by this vulnerability is an unknown code block of the file setup.php. The manipulation with an unknown input leads to a path traversal vulnerability. The CWE definition for the vulnerability is CWE-22: the product uses external input to construct a pathname that is intended to identify a file or directory located underneath a restricted parent directory, but does not properly neutralize special elements within the pathname that can cause it to resolve to a location outside of the restricted directory. The known impact affects confidentiality. The summary by CVE is:
A Path Traversal in setup.php in OpenEMR < 7.0.0 allows remote unauthenticated users to read arbitrary files by controlling a connection to an attacker-controlled MySQL server.
The weakness was shared 02/23/2023. It is possible to read the advisory at sonarsource.com. This vulnerability is known as CVE-2023-22974 since 01/11/2023. Technical details of the vulnerability are known, but there is no available exploit. The attack technique deployed by this issue is T1006 according to MITRE ATT&CK.
Searching for inurl:setup.php makes it possible to find vulnerable targets with Google Hacking.
Upgrading to version 7.0.0 eliminates this vulnerability.
The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2023-27074). Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.
CVSSv3
VulDB Meta Base Score: 6.4
VulDB Meta Temp Score: 6.3
VulDB Base Score: 5.3
VulDB Temp Score: 5.1
NVD Base Score: 7.5
Exploiting
Class: Path traversal
CWE: CWE-22
Physical: No
Local: No
Remote: Yes
Status: Not defined
Countermeasures
Recommended: Upgrade
Upgrade: OpenEMR 7.0.0
Timeline
01/11/2023
02/23/2023
02/23/2023
10/06/2025
Sources
Advisory: sonarsource.com
Status: Confirmed
CVE: CVE-2023-22974
GCVE (CVE): GCVE-0-2023-22974
GCVE (VulDB): GCVE-100-221659
Entry
Created: 02/23/2023 07:56
Updated: 10/06/2025 02:09
Changes: 02/23/2023 07:56 (40), 03/24/2023 10:07 (11), 10/06/2025 02:09 (16)