cvedb.io
CVE-2021-35193
HIGH · CVSS 7.5
EPSS exploitation probability: 0%
Published 2021-07-30T19:15:09.370 · Last modified 2026-06-17T03:57:16.537

Summary

Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations (that have the same software version). This provides remote access to SQL database credentials. (In the normal use of the product, retrieving those credentials only occurs after a username/password authentication step; however, this authentication step is on the client side, and an attacker can develop their own client that skips this step.)

Affected products

pattersondental — eaglesoft

Does this affect you?

Add your gear to cvedb and we'll alert you only when pattersondental ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.