CVE-2018-15719

9.8 CRITICAL

📋 TL;DR

Open Dental versions before 18.4 install MySQL with default credentials (root/blank password), allowing network-accessible attackers to access all database information. This affects Open Dental installations on networks where the database server is reachable.

💻 Affected Systems

Products:
  • Open Dental
Versions: All versions before 18.4
Operating Systems: Windows, Linux
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects installations where MySQL database is network-accessible. Local-only installations are less vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete database compromise including patient records, financial data, and administrative credentials leading to data theft, ransomware, or system takeover.

🟠 Likely Case

Unauthorized access to sensitive patient health information (PHI) and practice management data, violating HIPAA and other regulations.

🟢 If Mitigated

Limited impact if database is isolated from network access or strong network segmentation is in place.

🌐 Internet-Facing: HIGH if database port (3306) is exposed to internet, allowing remote exploitation.
🏢 Internal Only: HIGH as any internal attacker or compromised device on the network can access the database.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires only network access to MySQL port (3306) and default credentials. No authentication bypass needed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 18.4 and later

Vendor Advisory: https://www.opendental.com/

Restart Required: Yes

Instructions:

1. Back up the database and configuration.
2. Upgrade Open Dental to version 18.4 or later.
3. Verify MySQL credentials are changed from defaults.
4. Restart services.

🔧 Temporary Workarounds

Change MySQL root password

all

Set strong password for MySQL root account

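# Replace <new-strong-password> with a unique value; do not reuse an example password.
# ALTER USER ... IDENTIFIED BY requires MySQL 5.7.6 or later.
# Both statements run in one session, because root needs the new password (-p) afterwards.
mysql -u root -e "ALTER USER 'root'@'localhost' IDENTIFIED BY '<new-strong-password>'; FLUSH PRIVILEGES;"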

Restrict MySQL network access

all

Configure MySQL to only accept local connections

Edit my.cnf/my.ini: bind-address = 127.0.0.1
Restart MySQL service

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate database server from untrusted networks
  • Deploy firewall rules to block external access to MySQL port (3306)

🔍 How to Verify

Check if Vulnerable:

Attempt to connect to MySQL on port 3306 using credentials root with blank password: mysql -h [IP] -u root

Check Version:

Check Open Dental version in application interface or configuration files

Verify Fix Applied:

Verify connection fails with blank password and requires authentication. Check Open Dental version is 18.4+.

📡 Detection & Monitoring

Log Indicators:

  • Failed authentication attempts to MySQL root account
  • Successful root logins from unexpected IPs
  • Unusual database queries or access patterns

Network Indicators:

  • External connections to MySQL port 3306
  • Traffic patterns suggesting database enumeration

SIEM Query:

source="mysql.log" (event="Access denied" OR event="Connect") user="root"
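
The log indicators above can be checked directly against MySQL log lines. The following is an added example, not part of the original advisory or of Open Dental: it flags root logins from non-local hosts and root login attempts made without a password. The sample lines, the addresses, the "frontdesk" user and the "opendental" schema name are constructed for illustration.

```python
import re

# Hosts treated as local; a root login from anywhere else is "unexpected".
LOCAL_HOSTS = {"localhost", "127.0.0.1", "::1"}

# General query log, successful connect: "... Connect<TAB>root@10.0.0.5 on dbname"
CONNECT_RE = re.compile(r"Connect\s+(?P<user>[^@\s]+)@(?P<host>\S+) on")
# General or error log, failed login, including whether a password was sent
DENIED_RE = re.compile(
    r"Access denied for user '(?P<user>[^']*)'@'(?P<host>[^']*)' "
    r"\(using password: (?P<pw>YES|NO)\)"
)

def classify(line):
    """Return (kind, host) for a root-related event, or None."""
    m = DENIED_RE.search(line)
    if m and m["user"] == "root":
        # "using password: NO" means the client tried the blank default.
        kind = "blank_password_probe" if m["pw"] == "NO" else "failed_root_login"
        return kind, m["host"]
    m = CONNECT_RE.search(line)
    if m and m["user"] == "root" and m["host"] not in LOCAL_HOSTS:
        return "remote_root_login", m["host"]
    return None

def scan(lines):
    """Classify every line and keep only the hits, in log order."""
    return [hit for hit in map(classify, lines) if hit]

# Constructed sample input (192.0.2.0/24 is a documentation range).
SAMPLE = [
    "181120 10:15:02\t   12 Connect\troot@localhost on opendental",
    "181120 10:16:40\t   13 Connect\troot@192.0.2.44 on opendental",
    "181120 10:17:05\t   14 Connect\tAccess denied for user 'root'@'192.0.2.44' (using password: NO)",
    "181120 10:17:09\t   15 Connect\tAccess denied for user 'root'@'192.0.2.45' (using password: YES)",
    "181120 10:18:00\t   16 Connect\tfrontdesk@192.0.2.10 on opendental",
]

if __name__ == "__main__":
    for kind, host in scan(SAMPLE):
        print(f"{kind:22} {host}")
```

After the root password is set, a blank_password_probe hit is the expected denied result of the verification step; a remote_root_login hit before the fix warrants review of what that session accessed.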
