Unauthenticated Access to Sensitive Resources in Echo ShareCare 8.15.5

Unauthenticated Access to Sensitive Resources in Echo ShareCare 8.15.5

CVE-2021-36124 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

An issue was discovered in Echo ShareCare 8.15.5. It does not perform authentication or authorization checks when accessing a subset of sensitive resources, leading to the ability for unauthenticated users to access pages that are vulnerable to attacks such as SQL injection.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.