Insecure Permissions in Medical Management System by Unknown Vendor
CVE-2025-67437

6.5MEDIUM

Key Information:

Vendor
CVE Published:
15 May 2026

What is CVE-2025-67437?

The Medical Management System is exposed to a vulnerability due to improper management of user permissions. This flaw allows unauthorized users to reset passwords for any account within the system, potentially leading to unauthorized access and further exploitation. Organizations using this software should implement immediate security measures to mitigate risks associated with this vulnerability.

References

CVSS V3.1

Score:
6.5
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.