cbcvebase.
CVE-2022-4312
published 2022-12-12

CVE-2022-4312: A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could allow an unauthorized user with access the…

PriorityP425medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
EPSS
0.11%
1.8th percentile
A cleartext storage of sensitive information vulnerability exists in PcVue versions 8.10 through 15.2.3. This could allow an unauthorized user with access the email and short messaging service (SMS) accounts configuration files to discover the associated simple mail transfer protocol (SMTP) account credentials and the SIM card PIN code. Successful exploitation of this vulnerability could allow an unauthorized user access to the underlying email account and SIM card.

Affected

2 ranges
VendorProductVersion rangeFixed in
arc_informatiquepcvue8.10 – 15.2.3
arcinformatiquepcvue8.10 – 15.2.3
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.