The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to arbitrary domain accounts by using the corresponding username on a Windows client machine.
CVSS 2.0
Severity: LOW
Problem Type: CWE-287,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| ontariosystems | artiva_healthcare | 5.2 |
| ontariosystems | artiva_architect | 3.2 |
| ontariosystems | artiva_rm | 3.1 |
| ontariosystems | artiva_workstation | 1.3.0 |