Difference between revisions of "Critical Security Fix for CVE-2017-16540"
From OpenEMR Project Wiki
Bradymiller (talk | contribs) |
Bradymiller (talk | contribs) |
||
| Line 3: | Line 3: | ||
:In order to protect yourself from this vulnerability: | :In order to protect yourself from this vulnerability: | ||
::*If using OpenEMR 5.0.0: | ::*If using OpenEMR 5.0.0: | ||
:::#Update to the most recent patch and follow the instructions here: | :::#Update to the most recent patch and follow the instructions here: [[OpenEMR Patches]] | ||
:::#To be extra safe, then remove the setup.php file from the openemr web directory (if you need this file in the future, then can download it at [https://raw.githubusercontent.com/openemr/openemr/rel-500/setup.php setup.php]). | :::#To be extra safe, then remove the setup.php file from the openemr web directory (if you need this file in the future, then can download it at [https://raw.githubusercontent.com/openemr/openemr/rel-500/setup.php setup.php]). | ||
::*If using OpenEMR 4.2.2 or lower: | ::*If using OpenEMR 4.2.2 or lower: | ||
:::#Remove the setup.php file from the openemr web directory. | :::#Remove the setup.php file from the openemr web directory. | ||
Revision as of 19:54, 5 November 2017
- There is a critical security vulnerability in OpenEMR before 5.0.0 Patch 5 . More details can be found here: https://nvd.nist.gov/vuln/detail/CVE-2017-16540
- In order to protect yourself from this vulnerability:
- If using OpenEMR 5.0.0:
- Update to the most recent patch and follow the instructions here: OpenEMR Patches
- To be extra safe, then remove the setup.php file from the openemr web directory (if you need this file in the future, then can download it at setup.php).
- If using OpenEMR 4.2.2 or lower:
- Remove the setup.php file from the openemr web directory.
