CVE-2023-6519 was published on 2024-02-08 and affects Mia-Med versions before 1.0.7. The issue is described as an exposure of data element to the wrong session that can allow sensitive strings within an executable to be read. NVD records a CVSS v3.1 score of 7.5 (High) with network attack vector, no privileges required, and no user interaction, indicating a serious confidentiality-focused exposure for aff [truncated]
CVE-2023-6518 describes a plaintext password storage problem in MİA-MED/Mia-Med that can expose sensitive strings from the executable. The issue affects versions before 1.0.7 and is rated CVSS 7.5 (HIGH). From a defensive perspective, this is a confidentiality-impacting flaw that can expose embedded secrets to anyone who can obtain and inspect the binary.
CVE-2023-6515 is a high-severity authorization bypass in Mia Technology’s MIA-MED caused by a user-controlled key issue that can lead to authentication abuse. The vulnerability affects MIA-MED versions before 1.0.7 and is scored 8.8 (HIGH). The NVD record shows network-based exploitation with low attack complexity and low privileges required, while the USOM advisory maps the weakness to CWE-639.
