VU#619767: Open Dental uses blank database password by default
Open Dental is medical dental records management software. Open Dental version 16.1,and previous versions,installs with a blank root database(MySQL)password by default.. An attacker with network access to an Open Dental MySQL database could read,modify,or delete data. This Vulnerability Note initially,and incorrectly,stated that Open Dental used hard coded credentials. The Impact section also implied that in its default configuration,the Open Dental database was available over remote networks such as the internet. An Open Dental database would need to be specifically configured to allow remote network access. Continue reading VU#619767: Open Dental uses blank database password by default