cvedb.io
CVE-2021-32077
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2021-05-06T23:15:07.850 · Last modified 2026-06-17T03:52:45.773

Summary

Primary Source Verification in VerityStream MSOW Solutions before 3.1.1 allows an anonymous internet user to discover Social Security Number (SSN) values via a brute-force attack on a (sometimes hidden) search field, because the last four SSN digits are part of the supported combination of search selectors. This discloses doctors' and nurses' social security numbers and PII.

Affected products

veritystream — msow_solutions

Does this affect you?

Add your gear to cvedb and we'll alert you only when veritystream ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.