Description
An issue was discovered in Mutare Voice (EVM) 3.x before 3.3.8. On the admin portal of the web application, password information for external systems is visible in cleartext. The Settings.asp page is affected by this issue.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_misc
https://www.mutare.com/security-adv-mutare-2021-004-mutare-voice/
Scores
CVSS v3
4.9
EPSS
0.0051
EPSS Percentile
39.3%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-312
Status
published
Products (1)
mutare/voice
3.0.0 - 3.3.8
Published
Feb 16, 2021
Tracked Since
Feb 18, 2026