216.73.217.50

CVE-2025-35033

· Published 29/09/2025 20:15 · Modified 29/09/2025 20:15

Labels: CVE-2025-35033 2025-09-299119a7d8-5eab-497f-8521-727c672e3725CVE-2025-35033CWE-1236

Essential information

Published
29/09/2025 20:15
Modified
29/09/2025 20:15
Author
Creator
CVSS
6.3 MEDIUM (v3) 6.3 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Medical Informatics Engineering Enterprise Health has a CSV injection vulnerability that allows a remote, authenticated attacker to inject macros in downloadable CSV files. This issue is fixed as of 2025-03-14.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
9119a7d8-5eab-497f-8521-727c672e3725
NVD
View on NVD

Affected products (CPE)

ProductCPE
medical informatics engineering / enterprise health cpe:2.3:a:medical_informatics_engineering:enterprise_health:*:*:*:*:*:*:*:*

References