Vendor
MV
Products
4
CVEs
4
Across products
5
Status
Private
Products
4- 2 CVEs
- 1 CVE
- 1 CVE
- 1 CVE
Recent CVEs
4| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-23283 | Hig | 0.49 | 7.5 | 0.01 | Jul 21, 2021 | Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force. | ||
| CVE-2020-23282 | Hig | 0.49 | 7.5 | 0.01 | Jul 21, 2021 | SQL injection in Logon Page in MV's mConnect application, v02.001.00, allows an attacker to use a non existing user with a generic password to connect to the application and get access to unauthorized information. | ||
| CVE-2020-23284 | Hig | 0.49 | 7.5 | 0.01 | Jul 20, 2021 | Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application. | ||
| CVE-2022-31405 | Med | 0.42 | 6.5 | 0.01 | Feb 27, 2023 | MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext. |
- risk 0.49cvss 7.5epss 0.01
Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force.
- risk 0.49cvss 7.5epss 0.01
SQL injection in Logon Page in MV's mConnect application, v02.001.00, allows an attacker to use a non existing user with a generic password to connect to the application and get access to unauthorized information.
- risk 0.49cvss 7.5epss 0.01
Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application.
- risk 0.42cvss 6.5epss 0.01
MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext.