Vulnerabilities related to Medical Informatics Engineering - Enterprise Health
CVE-2025-35033 (GCVE-0-2025-35033)
Vulnerability from cvelistv5
Published
2025-09-29 20:01
Modified
2025-09-30 16:52
Severity ?
6.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H
4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
4.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N
CWE
- CWE-1236 - Improper Neutralization of Formula Elements in a CSV File
Summary
Medical Informatics Engineering Enterprise Health has a CSV injection vulnerability that allows a remote, authenticated attacker to inject macros in downloadable CSV files. This issue is fixed as of 2025-03-14.
References
Impacted products
Vendor | Product | Version
---|---|---
Medical Informatics Engineering | Enterprise Health | Version: RC202503 < RC202503 2025-03-14; Version: RC202409 < RC202409 2025-03-14; Version: RC202403 < RC202403 2025-03-14; Version: RC202309 < RC202309 2025-03-14; Version: RC202303 < RC202303 2025-03-14
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-35033", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-09-30T16:51:53.401154Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-09-30T16:52:03.135Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Enterprise Health", "vendor": "Medical Informatics Engineering", "versions": [ { "lessThan": "RC202503 2025-03-14", "status": "affected", "version": "RC202503", "versionType": "custom" }, { "lessThan": "RC202409 2025-03-14", "status": "affected", "version": "RC202409", "versionType": "custom" }, { "lessThan": "RC202403 2025-03-14", "status": "affected", "version": "RC202403", "versionType": "custom" }, { "lessThan": "RC202309 2025-03-14", "status": "affected", "version": "RC202309", "versionType": "custom" }, { "lessThan": "RC202303 2025-03-14", "status": "affected", "version": "RC202303", "versionType": "custom" }, { "status": "unaffected", "version": "RC202503 2025-03-14" }, { "status": "unaffected", "version": "RC202409 2025-03-14" }, { "status": "unaffected", "version": "RC202403 2025-03-14" }, { "status": "unaffected", "version": "RC202309 2025-03-14" }, { "status": "unaffected", "version": "RC202303 2025-03-14" } ] } ], "credits": [ { "lang": "en", "value": "George Thompson, Sandia National Laboratories" }, { "lang": "en", "value": "Trevor LaPay, Sandia National Laboratories" }, { "lang": "en", "value": "Fernando Martinez, Sandia National Laboratories" }, { "lang": "en", "value": "Gary Huang, Sandia National Laboratories" } ], "datePublic": "2025-09-29T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "Medical Informatics Engineering Enterprise Health has a CSV injection vulnerability that allows a remote, 
authenticated attacker to inject macros in downloadable CSV files. This issue is fixed as of 2025-03-14." } ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.3, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "ACTIVE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW" } }, { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2025-35033", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-08-20T19:04:42.893178Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1236", "description": "CWE-1236 Improper Neutralization of Formula Elements in a CSV File", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-09-29T20:01:38.144Z", "orgId": "9119a7d8-5eab-497f-8521-727c672e3725", "shortName": "cisa-cg" }, "references": [ { "name": "url", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-272-01.json" }, { "name": "url", "url": "https://www.cve.org/CVERecord?id=CVE-2025-35033" } ], "title": "Medical Informatics Engineering Enterprise Health CSV injection" } }, "cveMetadata": { "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725", "assignerShortName": "cisa-cg", 
"cveId": "CVE-2025-35033", "datePublished": "2025-09-29T20:01:38.144Z", "dateReserved": "2025-04-15T20:56:24.404Z", "dateUpdated": "2025-09-30T16:52:03.135Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-35034 (GCVE-0-2025-35034)
Vulnerability from cvelistv5
Published
2025-09-29 20:01
Modified
2025-09-30 16:52
Severity ?
4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
5.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Summary
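Medical Informatics Engineering Enterprise Health has a reflected cross site scripting vulnerability in the 'portlet_user_id' URL parameter. A remote, unauthenticated attacker can craft a URL that can execute arbitrary JavaScript in the victim's browser. This issue is fixed as of 2025-03-14. (Note: the affected-version data for this record lists the fixed builds as dated 2025-04-08, not 2025-03-14. Until the discrepancy is resolved against the vendor or the referenced CISA advisory, treat the later date as the patched baseline when checking an installed build.)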
References
Impacted products
Vendor | Product | Version
---|---|---
Medical Informatics Engineering | Enterprise Health | Version: RC202503 < RC202503 2025-04-08; Version: RC202409 < RC202409 2025-04-08; Version: RC202403 < RC202403 2025-04-08; Version: RC202309 < RC202309 2025-04-08
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-35034", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-09-30T16:52:18.169365Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-09-30T16:52:32.033Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Enterprise Health", "vendor": "Medical Informatics Engineering", "versions": [ { "lessThan": "RC202503 2025-04-08", "status": "affected", "version": "RC202503", "versionType": "custom" }, { "lessThan": "RC202409 2025-04-08", "status": "affected", "version": "RC202409", "versionType": "custom" }, { "lessThan": "RC202403 2025-04-08", "status": "affected", "version": "RC202403", "versionType": "custom" }, { "lessThan": "RC202309 2025-04-08", "status": "affected", "version": "RC202309", "versionType": "custom" }, { "status": "unaffected", "version": "RC202503 2025-04-08" }, { "status": "unaffected", "version": "RC202409 2025-04-08" }, { "status": "unaffected", "version": "RC202403 2025-04-08" }, { "status": "unaffected", "version": "RC202309 2025-04-08" } ] } ], "credits": [ { "lang": "en", "value": "George Thompson, Sandia National Laboratories" }, { "lang": "en", "value": "Trevor LaPay, Sandia National Laboratories" }, { "lang": "en", "value": "Fernando Martinez, Sandia National Laboratories" }, { "lang": "en", "value": "Gary Huang, Sandia National Laboratories" } ], "datePublic": "2025-09-29T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "Medical Informatics Engineering Enterprise Health has a reflected cross site scripting vulnerability in the \u0027portlet_user_id\u0027 URL parameter. A remote, unauthenticated attacker can craft a URL that can execute arbitrary JavaScript in the victim\u0027s browser. 
This issue is fixed as of 2025-03-14." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", "version": "3.1" } }, { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.1, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW" } }, { "other": { "content": { "id": "CVE-2025-35034", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-08-20T19:05:33.060609Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-09-29T20:01:58.419Z", "orgId": "9119a7d8-5eab-497f-8521-727c672e3725", "shortName": "cisa-cg" }, "references": [ { "name": "url", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-272-01.json" }, { "name": "url", "url": "https://www.cve.org/CVERecord?id=CVE-2025-35034" } ], "title": "Medical Informatics Engineering Enterprise Health reflected cross site scripting via portlet_user_id" } }, "cveMetadata": { "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725", "assignerShortName": 
"cisa-cg", "cveId": "CVE-2025-35034", "datePublished": "2025-09-29T20:01:58.419Z", "dateReserved": "2025-04-15T20:56:24.404Z", "dateUpdated": "2025-09-30T16:52:32.033Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-35032 (GCVE-0-2025-35032)
Vulnerability from cvelistv5
Published
2025-09-29 20:01
Modified
2025-09-30 16:51
Severity ?
3.4 (Low) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N
6.2 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H
6.2 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H
CWE
- CWE-434 - Unrestricted Upload of File with Dangerous Type
Summary
Medical Informatics Engineering Enterprise Health allows authenticated users to upload arbitrary files. The impact of this behavior depends on how files are accessed. This issue is fixed as of 2025-04-08.
References
Impacted products
Vendor | Product | Version
---|---|---
Medical Informatics Engineering | Enterprise Health | Version: 0 < 2025-04-08
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-35032", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-09-30T16:51:30.991184Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-09-30T16:51:39.465Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Enterprise Health", "vendor": "Medical Informatics Engineering", "versions": [ { "lessThan": "2025-04-08", "status": "affected", "version": "0", "versionType": "custom" }, { "status": "unaffected", "version": "2025-04-08" } ] } ], "credits": [ { "lang": "en", "value": "George Thompson, Sandia National Laboratories" }, { "lang": "en", "value": "Trevor LaPay, Sandia National Laboratories" }, { "lang": "en", "value": "Fernando Martinez, Sandia National Laboratories" }, { "lang": "en", "value": "Gary Huang, Sandia National Laboratories" } ], "datePublic": "2025-09-29T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "Medical Informatics Engineering Enterprise Health allows authenticated users to upload arbitrary files. The impact of this behavior depends on how files are accessed. This issue is fixed as of 2025-04-08." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 3.4, "baseSeverity": "LOW", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:L/A:N", "version": "3.1" } }, { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 6.2, "baseSeverity": "MEDIUM", "privilegesRequired": "HIGH", "subAvailabilityImpact": "HIGH", "subConfidentialityImpact": "HIGH", "subIntegrityImpact": "HIGH", "userInteraction": "ACTIVE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:L/VA:N/SC:H/SI:H/SA:H", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW" } }, { "other": { "content": { "id": "CVE-2025-35032", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-08-20T19:04:18.702828Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-434", "description": "CWE-434 Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-09-29T20:01:09.311Z", "orgId": "9119a7d8-5eab-497f-8521-727c672e3725", "shortName": "cisa-cg" }, "references": [ { "name": "url", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-272-01.json" }, { "name": "url", "url": "https://www.cve.org/CVERecord?id=CVE-2025-35032" } ], "title": "Medical Informatics Engineering Enterprise Health arbitrary file upload" } }, "cveMetadata": { "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725", "assignerShortName": "cisa-cg", "cveId": "CVE-2025-35032", "datePublished": "2025-09-29T20:01:09.311Z", "dateReserved": 
"2025-04-15T20:56:24.404Z", "dateUpdated": "2025-09-30T16:51:39.465Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-35030 (GCVE-0-2025-35030)
Vulnerability from cvelistv5
Published
2025-09-29 20:00
Modified
2025-09-30 16:50
Severity ?
8.1 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Summary
Medical Informatics Engineering Enterprise Health has a cross site request forgery vulnerability that allows an unauthenticated attacker to trick administrative users into clicking a crafted URL and perform actions on behalf of that administrative user. This issue is fixed as of 2025-04-08.
References
Impacted products
Vendor | Product | Version
---|---|---
Medical Informatics Engineering | Enterprise Health | Version: RC202503 < RC202503 2025-04-08; Version: RC202409 < RC202409 2025-04-08; Version: RC202403 < RC202403 2025-04-08; Version: RC202309 < RC202309 2025-04-08; Version: RC202303 < RC202303 2025-04-08
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-35030", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-09-30T16:50:29.374740Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-09-30T16:50:38.126Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Enterprise Health", "vendor": "Medical Informatics Engineering", "versions": [ { "lessThan": "RC202503 2025-04-08", "status": "affected", "version": "RC202503", "versionType": "custom" }, { "lessThan": "RC202409 2025-04-08", "status": "affected", "version": "RC202409", "versionType": "custom" }, { "lessThan": "RC202403 2025-04-08", "status": "affected", "version": "RC202403", "versionType": "custom" }, { "lessThan": "RC202309 2025-04-08", "status": "affected", "version": "RC202309", "versionType": "custom" }, { "lessThan": "RC202303 2025-04-08", "status": "affected", "version": "RC202303", "versionType": "custom" }, { "status": "unaffected", "version": "RC202503 2025-04-08" }, { "status": "unaffected", "version": "RC202409 2025-04-08" }, { "status": "unaffected", "version": "RC202403 2025-04-08" }, { "status": "unaffected", "version": "RC202309 2025-04-08" }, { "status": "unaffected", "version": "RC202303 2025-04-08" } ] } ], "credits": [ { "lang": "en", "value": "George Thompson, Sandia National Laboratories" }, { "lang": "en", "value": "Trevor LaPay, Sandia National Laboratories" }, { "lang": "en", "value": "Fernando Martinez, Sandia National Laboratories" }, { "lang": "en", "value": "Gary Huang, Sandia National Laboratories" } ], "datePublic": "2025-09-29T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "Medical Informatics Engineering Enterprise Health has a cross site request forgery vulnerability that 
allows an unauthenticated attacker to trick administrative users into clicking a crafted URL and perform actions on behalf of that administrative user. This issue is fixed as of 2025-04-08." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N", "version": "3.1" } }, { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.6, "baseSeverity": "HIGH", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH" } }, { "other": { "content": { "id": "CVE-2025-35030", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2025-08-20T19:03:24.475358Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-352", "description": "CWE-352 Cross-Site Request Forgery (CSRF)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-09-29T20:00:16.950Z", "orgId": "9119a7d8-5eab-497f-8521-727c672e3725", "shortName": "cisa-cg" }, "references": [ { "name": "url", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-272-01.json" }, { "name": "url", "url": "https://www.cve.org/CVERecord?id=CVE-2025-35030" } ], "title": "Medical Informatics Engineering Enterprise Health cross site request forgery" } }, "cveMetadata": { 
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725", "assignerShortName": "cisa-cg", "cveId": "CVE-2025-35030", "datePublished": "2025-09-29T20:00:16.950Z", "dateReserved": "2025-04-15T20:56:24.404Z", "dateUpdated": "2025-09-30T16:50:38.126Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2025-35031 (GCVE-0-2025-35031)
Vulnerability from cvelistv5
Published
2025-09-29 20:00
Modified
2025-09-30 16:51
Severity ?
3.3 (Low) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N
4.6 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
4.6 (Medium) - CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
CWE
- CWE-1295 - Debug Messages Revealing Unnecessary Information
Summary
Medical Informatics Engineering Enterprise Health includes the user's current session token in debug output. An attacker could convince a user to send this output to the attacker, thus allowing the attacker to impersonate that user. This issue is fixed as of 2025-04-08.
References
Impacted products
Vendor | Product | Version
---|---|---
Medical Informatics Engineering | Enterprise Health | Version: RC202503 < RC202503 2025-04-08; Version: RC202409 < RC202409 2025-04-08; Version: RC202403 < RC202403 2025-04-08
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2025-35031", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-09-30T16:51:07.432042Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-09-30T16:51:17.132Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "unknown", "product": "Enterprise Health", "vendor": "Medical Informatics Engineering", "versions": [ { "lessThan": "RC202503 2025-04-08", "status": "affected", "version": "RC202503", "versionType": "custom" }, { "lessThan": "RC202409 2025-04-08", "status": "affected", "version": "RC202409", "versionType": "custom" }, { "lessThan": "RC202403 2025-04-08", "status": "affected", "version": "RC202403", "versionType": "custom" }, { "status": "unaffected", "version": "RC202503 2025-04-08" }, { "status": "unaffected", "version": "RC202409 2025-04-08" }, { "status": "unaffected", "version": "RC202403 2025-04-08" } ] } ], "credits": [ { "lang": "en", "value": "George Thompson, Sandia National Laboratories" }, { "lang": "en", "value": "Trevor LaPay, Sandia National Laboratories" }, { "lang": "en", "value": "Fernando Martinez, Sandia National Laboratories" }, { "lang": "en", "value": "Gary Huang, Sandia National Laboratories" } ], "datePublic": "2025-09-29T00:00:00.000Z", "descriptions": [ { "lang": "en", "value": "Medical Informatics Engineering Enterprise Health includes the user\u0027s current session token in debug output. An attacker could convince a user to send this output to the attacker, thus allowing the attacker to impersonate that user. This issue is fixed as of 2025-04-08." 
} ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 3.3, "baseSeverity": "LOW", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", "version": "3.1" } }, { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 4.6, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "LOW", "vulnIntegrityImpact": "NONE" } }, { "other": { "content": { "id": "CVE-2025-35031", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-08-20T19:03:36.197031Z", "version": "2.0.3" }, "type": "ssvc" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-1295", "description": "CWE-1295 Debug Messages Revealing Unnecessary Information", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-09-29T20:00:42.546Z", "orgId": "9119a7d8-5eab-497f-8521-727c672e3725", "shortName": "cisa-cg" }, "references": [ { "name": "url", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-272-01.json" }, { "name": "url", "url": "https://www.cve.org/CVERecord?id=CVE-2025-35031" } ], "title": "Medical Informatics Engineering Enterprise Health includes session token in debug output" } }, "cveMetadata": { "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725", "assignerShortName": "cisa-cg", "cveId": "CVE-2025-35031", "datePublished": "2025-09-29T20:00:42.546Z", "dateReserved": 
"2025-04-15T20:56:24.404Z", "dateUpdated": "2025-09-30T16:51:17.132Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }