### Synopsis

### CVE-2018-15717: Weak Password Hashing

Open Dental stores credentials in an insecure manner.

The application stores credentials in the "userod" table with the username in plaintext and the password hash stored as a base64-encoded MD5 hash, which is a known insecure hashing method. Furthermore, no salt is used with the hash.

### CVE-2018-15718: User Table Information Disclosure

Open Dental transmits credential information in an insecure manner.

When the application launches and a user is presented with a log-in prompt, the application sends a request to the database for all user information. This includes usernames, privilege levels, password hashes, etc. This unnecessarily exposes user information.

### CVE-2018-15719: Default Database Credentials

Open Dental contains a security bypass due to insecure installation defaults.

Upon installation of the application, the MySQL database created has the default credentials of "root" with a blank password. This allows anyone on the network with access to the server to access all database information (including confidential patient information and PII).

[CVE-2016-6531](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6531) was previously assigned to this issue. However, Open Dental disputed the vulnerability. According to the release notes of 18.4, Open Dental will now "prompt to create a username and password for MySQL."
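The storage weakness described under CVE-2018-15717, shown as an added audit example (not Open Dental's code and not part of the advisory): it flags stored values shaped like base64-encoded MD5, shows that without a salt two users with the same password get the same stored value, and contrasts this with a salted, iterated format. The row layout, the UTF-8 encoding, the PBKDF2 parameters and the `pbkdf2_sha256$...` storage format are assumptions made for illustration.

```python
import base64, binascii, hashlib, hmac, os
from collections import defaultdict

ITERATIONS = 600_000  # PBKDF2-HMAC-SHA256 work factor (assumed policy value)

def legacy_hash(password):
    """Scheme from the advisory: base64(MD5(password)), no salt. UTF-8 is assumed."""
    return base64.b64encode(hashlib.md5(password.encode("utf-8")).digest()).decode()

def looks_like_unsalted_md5(stored):
    """True when the value is strict base64 decoding to 16 bytes (MD5 digest size)."""
    try:
        return len(base64.b64decode(stored, validate=True)) == 16
    except (binascii.Error, ValueError):
        return False

def salted_hash(password, salt=None):
    """Replacement format: scheme$iterations$salt$derived_key with a per-user salt."""
    salt = salt or os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, ITERATIONS)
    b64 = lambda b: base64.b64encode(b).decode()
    return "$".join(["pbkdf2_sha256", str(ITERATIONS), b64(salt), b64(dk)])

def verify_salted(password, stored):
    """Recompute the key from the stored salt and compare in constant time."""
    _, iters, salt, dk = stored.split("$")
    cand = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                               base64.b64decode(salt), int(iters))
    return hmac.compare_digest(cand, base64.b64decode(dk))

def audit(rows):
    """Return (users still on the legacy scheme, groups of users sharing one hash)."""
    by_hash = defaultdict(list)
    for user, stored in rows:
        if looks_like_unsalted_md5(stored):
            by_hash[stored].append(user)
    legacy = sorted(u for users in by_hash.values() for u in users)
    shared = [sorted(users) for users in by_hash.values() if len(users) > 1]
    return legacy, shared

# Constructed sample rows (user name, stored password value); not real data.
ROWS = [("frontdesk", legacy_hash("Constructed-Example-1")),
        ("hygienist", legacy_hash("Constructed-Example-1")),
        ("admin", salted_hash("Constructed-Example-2"))]

if __name__ == "__main__":
    legacy, shared = audit(ROWS)
    print("legacy MD5 rows:", legacy)
    print("identical hashes (same password, no salt):", shared)
```

Because the legacy value is a pure function of the password, the shared-hash groups are visible to any client that receives the full user table, which is the exposure CVE-2018-15718 describes.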