CVE-2021-35193

Severity: 7.5 HIGH

📋 TL;DR

Patterson Eaglesoft dental practice management software versions 18-21 has a certificate authentication flaw where the same certificate is accepted across different customer installations. This allows attackers to bypass client-side authentication and remotely access SQL database credentials. Dental practices using affected Eaglesoft versions are vulnerable.

💻 Affected Systems

Products:
  • Patterson Eaglesoft
Versions: 18 through 21
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Affects Patterson Application Service component. Requires Eaglesoft installation with Patterson Application Service enabled.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of patient databases including PHI/PII data, financial records, and practice operations data leading to data breach, ransomware, or system destruction.

🟠 Likely Case

Unauthorized access to patient databases resulting in data theft, potential HIPAA violations, and practice disruption.

🟢 If Mitigated

Limited impact if network segmentation prevents external access to Eaglesoft servers and proper authentication controls are in place.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Proof-of-concept code available on GitHub. Attackers can develop custom clients to bypass authentication. No authentication required to exploit.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Unknown

Vendor Advisory: http://patterson.eaglesoft.net/Home/Contact-Us

Restart Required: No

Instructions:

Contact Patterson Dental support for guidance. No official patch information available in public sources.

🔧 Temporary Workarounds

Network Segmentation (applies to: all)

Isolate Eaglesoft servers from untrusted networks and internet access

Firewall Rules (applies to: all)

Restrict access to Patterson Application Service ports to authorized IPs only

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate Eaglesoft servers
  • Monitor for unusual database access patterns and failed authentication attempts

🔍 How to Verify

Check if Vulnerable:

Check the Eaglesoft version in Help > About. If the version is 18, 19, 20, or 21, the system is vulnerable.

Check Version:

Check Eaglesoft application version via Help > About menu

Verify Fix Applied:

Contact Patterson Dental support for verification. No public verification method available.

📡 Detection & Monitoring

Log Indicators:

  • Unusual SQL database connection attempts
  • Failed authentication attempts to Patterson Application Service
  • Unexpected client connections to Eaglesoft services

Network Indicators:

  • Unusual traffic to Eaglesoft database ports from unauthorized sources
  • Custom client connections bypassing normal authentication patterns

SIEM Query:

source="eaglesoft" AND (event_type="authentication_failure" OR event_type="database_access")
