MidnightBSD

Advisories for ontariosystems

CVE-2014-0348 LOW

The Artiva Agency Single Sign-On (SSO) implementation in Artiva Workstation 1.3.x before 1.3.9, Artiva Rm 3.1 MR7, Artiva Healthcare 5.2 MR5, and Artiva Architect 3.2 MR5, when the domain-name option is enabled, allows remote attackers to login to arbitrary domain accounts by using the corresponding username on a Windows client machine.

CVSS 2.0

Severity: LOW

Problem Type: CWE-287,

Products Affected

Vendor Product Version
ontariosystems artiva_healthcare 5.2
ontariosystems artiva_architect 3.2
ontariosystems artiva_rm 3.1
ontariosystems artiva_workstation 1.3.0