Critical Security Fix for CVE-2017-16540

From OpenEMR Project Wiki

Revision as of 19:54, 5 November 2017 by Bradymiller (talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)

There is a critical security vulnerability in OpenEMR before 5.0.0 Patch 5 . More details can be found here: https://nvd.nist.gov/vuln/detail/CVE-2017-16540

In order to protect yourself from this vulnerability:

If using OpenEMR 5.0.0:

Update to the most recent patch and follow the instructions here: OpenEMR Patches
To be extra safe, then remove the setup.php file from the openemr web directory (if you need this file in the future, then can download it at setup.php).

If using OpenEMR 4.2.2 or lower:

Remove the setup.php file from the openemr web directory.

Retrieved from "https://www.open-emr.org/wiki/index.php?title=Critical_Security_Fix_for_CVE-2017-16540&oldid=26443"