{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-05T06:49:37.136","vulnerabilities":[{"cve":{"id":"CVE-2024-50589","sourceIdentifier":"551230f0-3615-47bd-b7cc-93e92e730bbf","published":"2024-11-08T12:15:14.707","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"An unauthenticated attacker with access to the local network of the \nmedical office can query an unprotected Fast Healthcare Interoperability\n Resources (FHIR) API to get access to sensitive electronic health \nrecords (EHR)."},{"lang":"es","value":"Un atacante no autenticado con acceso a la red local del consultorio médico puede consultar una API de recursos de interoperabilidad rápida de atención médica (FHIR) desprotegida para obtener acceso a registros médicos electrónicos (EHR) confidenciales."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"551230f0-3615-47bd-b7cc-93e92e730bbf","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","description":[{"lang":"en","value":"CWE-306"}]}],"references":[{"url":"https://hasomed.de/produkte/elefant/","source":"551230f0-3615-47bd-b7cc-93e92e730bbf"},{"url":"https://r.sec-consult.com/hasomed","source":"551230f0-3615-47bd-b7cc-93e92e730bbf"},{"url":"http://seclists.org/fulldisclosure/2024/Nov/3","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}