PT-2026-1959 · Asseco · Asseco Infomedica
Maciej Kazulak
·
Published
2026-01-08
·
Updated
2026-01-08
·
CVE-2025-8307
CVSS v4.0
5.9
Medium
| Vector | AV:L/AC:H/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Asseco InfoMedica versions prior to 4.50.1
Asseco InfoMedica versions prior to 5.38.0
Description
Asseco InfoMedica stores user passwords in an encoded format within a database. An attacker with access to these encoded passwords can decode them using an algorithm present in the client-side software.
Recommendations
Update to version 4.50.1 or later.
Update to version 5.38.0 or later.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Asseco Infomedica