Primary

Context

OpenMRS FHIR2 Module Privilege Escalation Vulnerability

Vulnerability

A vulnerability exists in the OpenMRS FHIR2 module, specifically in versions prior to 2.5.0, where privilege checks were not consistently enforced. This flaw could have allowed unauthorized users to add or modify data inappropriately.

Impact

Exploitation of this vulnerability could lead to unauthorized data modification or addition by users without the necessary privileges.

Remediation

Users are advised to update to OpenMRS FHIR2 Module version 2.5.0 or later as soon as possible.

Added: Sep 1, 2025, 7:22 PM

Updated: Sep 1, 2025, 7:22 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

OpenMRS FHIR2 Module Privilege Escalation Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating