CVE-2025-8307

Medium CVSS: 5.9

Asseco InfoMedica is a comprehensive solution used to manage both administrative and medical tasks in the healthcare sector. Passwords of all users are stored in a database in an encoded format. An attacker in possession of these encoded passwords is able to decode them by using an algorithm embedded in the client-side part of the software.
This vulnerability has been fixed in versions 4.50.1 and 5.38.0

Vendor

Product

CWE

CWE-257

Yayın Tarihi

2026-01-08 14:15:56

Güncelleme

2026-01-08 18:08:18

Source Identifier

cvd@cert.pl

KEV Date Added

Kategoriler

CWE-257 MEDIUM 2026

Referanslar

https://cert.pl/en/posts/2026/01/CVE-2025-8306/