QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-46823

Back to search

CVE-2025-46823

Published: May 29, 2025

Modified: May 29, 2025

PUBLISHED

Description

openmrs-module-fhir2 provides the FHIR REST API and related services for OpenMRS, an open medical records system. In versions of the FHIR2 module prior to 2.5.0, privileges were not always correctly checked, which means that unauthorized users may have been able to add or edit data they were not supposed to be able to. All implementers should update to FHIR2 2.5.0 or newer as soon as is feasible to receive a patch.

VendorProductVersions

openmrs

openmrs-module-fhir2

affected
< 2.5.0

Weaknesses (CWE)

CWE-862

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now