CVE-2023-37679

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Aug 3, 2023

Updated: Jan 31, 2024

CWE ID 77

Summary

CVE-2023-37679 is a newly identified vulnerability affecting NextGen Mirth Connect version 4.3.0. This issue permits remote command execution (RCE), granting attackers the ability to execute arbitrary commands on the hosting server. Successful exploitation could result in significant damage, including data theft, server takeover, or system crashes. It is recommended that users upgrade to a patched version of Mirth Connect as soon as possible to mitigate this risk. Failure to address this vulnerability could leave systems open to potential attacks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Mirth Connect

Affected Vendors

NextGen

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/r8dNOi
https://www.cve.org/CVERecord?id=CVE-2023-37679
https://nvd.nist.gov/vuln/detail/CVE-2023-37679

Back to Vulnerability Database