Critical Security Fix for CVE-2017-16540

From OpenEMR Project Wiki
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
There is a critical security vulnerability in OpenEMR before 5.0.0 Patch 5 . More details can be found here: https://nvd.nist.gov/vuln/detail/CVE-2017-16540
In order to protect yourself from this vulnerability:
  • If using OpenEMR 5.0.0:
  1. Update to the most recent patch via following instructions: OpenEMR Patches
  2. Remove the setup.php file from the openemr web directory (if you need this file in the future, then can download it at setup.php).
  • If using OpenEMR 4.2.2 or lower:
  1. Remove the setup.php file from the openemr web directory.
Retrieved from "https://www.open-emr.org/wiki/index.php?title=Critical_Security_Fix_for_CVE-2017-16540&oldid=26469"