CVE-2022-31405
MEDIUMMV iDigital Clinic Enterprise (iDCE) 1.0 - Info Disclosure
Title source: llmDescription
MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext.
References (3)
Core 3
Core References
Press/Media Coverage
https://mv.com.br/pt/blog/microdata-integra-novo-modulo-cockpit-ao-ris-idce
Exploit, Third Party Advisory
https://www.linkedin.com/pulse/armazenamento-inseguro-idce-mv-iran-macedo
Scores
CVSS v3
6.5
EPSS
0.0057
EPSS Percentile
42.6%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-312
Status
published
Products (1)
mv_idigital_clinic_enterprise_project/mv_idigital_clinic_enterprise
1.0
Published
Feb 27, 2023
Tracked Since
Feb 18, 2026