CVE-2020-28401

Published: Jan 29, 2021Modified: Jun 17, 2026

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

An improper authorization vulnerability exists in Star Practice Management Web version 2019.2.0.6, allowing an unauthorized user to access WIP details about jobs he should not have access to.

Affected (1)

Products: Iris: Star Practice Management

Iris

1 product

Star Practice Management

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Iris Star Practice Management	Version 2019.2.0.6

References (5)

https://cds.thalesgroup.com/en/tcs-cert/CVE-2020-28401

Source: cve@mitre.org

https://excellium-services.com/cert-xlm-advisory/CVE-2020-28401

Source: cve@mitre.org

Third Party Advisory

https://www.starpracticemanagement.com/

Source: cve@mitre.org

Product

https://excellium-services.com/cert-xlm-advisory/CVE-2020-28401

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.starpracticemanagement.com/

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.