彙總 mv 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
常見弱點模式包括 SQL 注入,在 軟體部署與生產負載 使用場景中可能帶來 資料外洩 等風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2022-30496 | SQL injection in Logon Page of IDCE MV's application, version 1.0, allows an attacker to inject SQL payloads in the user field, connecting to a database to access enterprise's private and sensitive information. | [email protected] | 7.5 | 1.21% | 2022-06-02 | 2026-06-17 |
| CVE-2020-23283 | Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force. | [email protected] | 7.5 | 1.44% | 2021-07-21 | 2026-06-16 |
| CVE-2020-23282 | SQL injection in Logon Page in MV's mConnect application, v02.001.00, allows an attacker to use a non existing user with a generic password to connect to the application and get access to unauthorized information. | [email protected] | 7.5 | 1.28% | 2021-07-21 | 2026-06-16 |
| CVE-2020-23284 | Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to copy and paste aspx pages in the end of the URL application that connect into the database which reveals internal and sensitive information without logging into the web application. | [email protected] | 7.5 | 1.00% | 2021-07-20 | 2026-06-16 |