Vulnerability Description
Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. Passwords of all users are stored in a database in an encoded format. An attacker in possession of these encoded passwords is able to decode them by using an algorithm embedded in the client-side part of the software. This vulnerability has been fixed in versions 4.50.1 and 5.38.0
Related Weaknesses (CWE)
References
FAQ
What is CVE-2025-8307?
CVE-2025-8307 is a documented vulnerability. Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. Passwords of all users are stored in a database in an encoded format. An at...
How severe is CVE-2025-8307?
CVSS scoring is not yet available for CVE-2025-8307. Check NVD for updates.
Is there a patch for CVE-2025-8307?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.