Insufficient Identity Verification in PICiX and PerformanceBridge Focal Point

Insufficient Identity Verification in PICiX and PerformanceBridge Focal Point

CVE-2020-16222 · HIGH Severity

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In Patient Information Center iX (PICiX) Version B.02, C.02, C.03, and PerformanceBridge Focal Point Version A.01, when an actor claims to have a given identity, the software does not prove or insufficiently proves the claim is correct.

Learn more about our Web Application Penetration Testing UK.