Vulnerability Details CVE-2022-31405
MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 12.6%
CVSS Severity
CVSS v3 Score 6.5
References
- https://github.com/ifmacedo/mconnect/blob/main/IDCE-ClearTextStorage
- https://mv.com.br/pt/blog/microdata-integra-novo-modulo-cockpit-ao-ris-idce
- https://www.linkedin.com/pulse/armazenamento-inseguro-idce-mv-iran-macedo
- https://github.com/ifmacedo/mconnect/blob/main/IDCE-ClearTextStorage
- https://mv.com.br/pt/blog/microdata-integra-novo-modulo-cockpit-ao-ris-idce
- https://www.linkedin.com/pulse/armazenamento-inseguro-idce-mv-iran-macedo
Products affected by CVE-2022-31405
-
cpe:2.3:a:mv_idigital_clinic_enterprise_project:mv_idigital_clinic_enterprise:1.0