CGM CLININET SQL Injection Vulnerability in CheckUnitCodeAndKey.pl Service

Vulnerability

A SQL injection vulnerability has been identified in the CGM CLININET software within the CheckUnitCodeAndKey.pl service. The issue arises in the validateOrgUnit function, where user input is not properly sanitized before being used in SQL queries. This vulnerability affects all versions of CGM CLININET prior to 2025.MS2.

Impact

Exploitation of this vulnerability allows attackers to manipulate SQL queries, potentially leading to unauthorized access to the database and its contents.

Added: Mar 2, 2026, 12:19 PM
Updated: Mar 2, 2026, 12:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 3.1
exploitability: 7.4
remediation: 0.0
relevance: 3.4
threat: 0.0
urgency: 2.9
incentive: 4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.