CVE-2020-23283

HIGH

MV's mConnect <v02.001.00 - Info Disclosure

Title source: llm
STIX 2.1

Description

Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force.

References (2)

Core 2

Scores

CVSS v3 7.5
EPSS 0.0144
EPSS Percentile 70.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-307
Status published
Products (2)
mv/mconnect 02.001.00
mv/mconnect 2013.1.6.8
Published Jul 21, 2021
Tracked Since Feb 18, 2026