CVE-2024-50588 | Unprotected Exposed Firebird Database with default credentials
An unauthenticated attacker with access to the local network of the
medical office can use known default credentials to gain remote DBA
access to the Elefant Firebird database. The data in the database
includes patient data and login credentials among other sensitive data.
In addition, this enables an attacker to create and overwrite arbitrary
files on the server filesystem with the rights of the Firebird database
("NT AUTHORITY\SYSTEM").
Conclusion & alert: CVE-2024-50588 is rated Moderate Risk (56/100): CVSS Critical severity, with low exploitation likelihood (EPSS 0.68%).Mandatory action: Review affected assets and schedule remediation.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
Exploit prediction scoring system (EPSS) score for CVE-2024-50588
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).