CWE-807
AllowedReliance on Untrusted Inputs in a Security Decision
Abstraction: Base · Status: Incomplete
The product uses a protection mechanism that relies on the existence or values of an input, but the input can be modified by an untrusted actor in a way that bypasses the protection mechanism.
145 vulnerabilities reference this CWE, most recent first.
CVE-2025-24369 (GCVE-0-2025-24369)
Vulnerability from cvelistv5 – Published: 2025-01-27 22:57 – Updated: 2025-01-28 15:18- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| URL | Tags |
|---|---|
| https://github.com/Xe/x/security/advisories/GHSA-… | x_refsource_CONFIRM |
| https://github.com/Xe/x/commit/7bd7b209f4f1b897de… | x_refsource_MISC |
| https://github.com/Xe/x/commit/e09d0226a628f04b1d… | x_refsource_MISC |
| https://xeiaso.net/notes/2025/GHSA-56w8-8ppj-2p4f | x_refsource_MISC |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-24369",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-28T14:59:28.984137Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-28T15:18:44.746Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "x",
"vendor": "Xe",
"versions": [
{
"status": "affected",
"version": "\u003c v1.11.0-37-gd98d70a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Anubis is a tool that allows administrators to protect bots against AI scrapers through bot-checking heuristics and a proof-of-work challenge to discourage scraping from multiple IP addresses. Anubis allows attackers to bypass the bot protection by requesting a challenge, formulates any nonce (such as 42069), and then passes the challenge with difficulty zero. Commit e09d0226a628f04b1d80fd83bee777894a45cd02 fixes this behavior by not using a client-specified difficulty value."
}
],
"metrics": [
{
"cvssV4_0": {
"attackComplexity": "HIGH",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 2.3,
"baseSeverity": "LOW",
"privilegesRequired": "LOW",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-27T22:57:26.728Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/Xe/x/security/advisories/GHSA-56w8-8ppj-2p4f",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/Xe/x/security/advisories/GHSA-56w8-8ppj-2p4f"
},
{
"name": "https://github.com/Xe/x/commit/7bd7b209f4f1b897de85ec8973458dc8be606a8b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Xe/x/commit/7bd7b209f4f1b897de85ec8973458dc8be606a8b"
},
{
"name": "https://github.com/Xe/x/commit/e09d0226a628f04b1d80fd83bee777894a45cd02",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/Xe/x/commit/e09d0226a628f04b1d80fd83bee777894a45cd02"
},
{
"name": "https://xeiaso.net/notes/2025/GHSA-56w8-8ppj-2p4f",
"tags": [
"x_refsource_MISC"
],
"url": "https://xeiaso.net/notes/2025/GHSA-56w8-8ppj-2p4f"
}
],
"source": {
"advisory": "GHSA-56w8-8ppj-2p4f",
"discovery": "UNKNOWN"
},
"title": "Anubis has a bot protection bypass when a sophisticated attacker asks to pass a challenge of difficulty 0"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2025-24369",
"datePublished": "2025-01-27T22:57:26.728Z",
"dateReserved": "2025-01-20T15:18:26.991Z",
"dateUpdated": "2025-01-28T15:18:44.746Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-13926 (GCVE-0-2025-13926)
Vulnerability from cvelistv5 – Published: 2026-04-09 19:47 – Updated: 2026-04-10 14:11 Unsupported When Assigned| Vendor | Product | Version | |
|---|---|---|---|
| Contemporary Controls | BASControl20 |
Affected:
3.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-13926",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-04-10T14:11:03.255285Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-10T14:11:21.320Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "BASControl20",
"vendor": "Contemporary Controls",
"versions": [
{
"status": "affected",
"version": "3.1"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Joseph Fields of Naval Information Warfare Center Pacific reported this vulnerability to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An attacker could use data obtained by sniffing the network traffic to \nforge packets in order to make arbitrary requests to Contemporary \nControls BASC 20T."
}
],
"value": "An attacker could use data obtained by sniffing the network traffic to \nforge packets in order to make arbitrary requests to Contemporary \nControls BASC 20T."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"exploitMaturity": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-09T19:47:17.841Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.ccontrols.com/support/contacttech.htm"
},
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-099-01"
},
{
"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-099-01.json"
}
],
"source": {
"advisory": "ICSA-26-099-01",
"discovery": "EXTERNAL"
},
"tags": [
"unsupported-when-assigned"
],
"title": "Contemporary Controls BASC 20T Reliance on Untrusted Inputs in a Security Decision",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "According to Contemporary Controls, the BASC-20T is an obsolete product. It is recommended that users of the affected product \u003ca href=\"https://www.ccontrols.com/support/contacttech.htm\"\u003econtact Contemporary Controls\u003c/a\u003e for additional information."
}
],
"value": "According to Contemporary Controls, the BASC-20T is an obsolete product. It is recommended that users of the affected product contact Contemporary Controls https://www.ccontrols.com/support/contacttech.htm for additional information."
}
],
"x_generator": {
"engine": "Vulnogram 1.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2025-13926",
"datePublished": "2026-04-09T19:47:17.841Z",
"dateReserved": "2025-12-02T21:00:14.794Z",
"dateUpdated": "2026-04-10T14:11:21.320Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12488 (GCVE-0-2025-12488)
Vulnerability from cvelistv5 – Published: 2025-11-06 20:11 – Updated: 2025-11-06 20:30- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://github.com/oobabooga/text-generation-webu… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| oobabooga | text-generation-webui |
Affected:
2.5
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12488",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:30:26.055326Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:30:32.724Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "text-generation-webui",
"vendor": "oobabooga",
"versions": [
{
"status": "affected",
"version": "2.5"
}
]
}
],
"dateAssigned": "2025-10-29T19:50:03.575Z",
"datePublic": "2025-10-30T21:03:26.462Z",
"descriptions": [
{
"lang": "en",
"value": "oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of oobabooga text-generation-webui. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the trust_remote_code parameter provided to the load endpoint. The issue results from the lack of proper validation of a user-supplied argument before using it to load a model. An attacker can leverage this vulnerability to execute code in the context of the service account.\n. Was ZDI-CAN-26680."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:11:52.136Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-981",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-981/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/oobabooga/text-generation-webui/commit/b5a6904c4ac4049823396090360b6f566f4e4603"
}
],
"source": {
"lang": "en",
"value": "Nicholas Zubrisky (@NZubrisky) of Trend Micro Security Research"
},
"title": "oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-12488",
"datePublished": "2025-11-06T20:11:52.136Z",
"dateReserved": "2025-10-29T19:50:03.503Z",
"dateUpdated": "2025-11-06T20:30:32.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-12487 (GCVE-0-2025-12487)
Vulnerability from cvelistv5 – Published: 2025-11-06 20:12 – Updated: 2025-11-06 20:29- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| URL | Tags |
|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-… | x_research-advisory |
| https://github.com/oobabooga/text-generation-webu… | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| oobabooga | text-generation-webui |
Affected:
2.5
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-12487",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T20:29:33.516674Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:29:38.307Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "text-generation-webui",
"vendor": "oobabooga",
"versions": [
{
"status": "affected",
"version": "2.5"
}
]
}
],
"dateAssigned": "2025-10-29T19:49:54.614Z",
"datePublic": "2025-10-30T21:03:44.053Z",
"descriptions": [
{
"lang": "en",
"value": "oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of oobabooga text-generation-webui. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the handling of the trust_remote_code parameter provided to the join endpoint. The issue results from the lack of proper validation of a user-supplied argument before using it to load a model. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-26681."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T20:12:07.187Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-25-982",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-25-982/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://github.com/oobabooga/text-generation-webui/commit/b5a6904c4ac4049823396090360b6f566f4e4603"
}
],
"source": {
"lang": "en",
"value": "Nicholas Zubrisky (@NZubrisky) of Trend Micro Security Research"
},
"title": "oobabooga text-generation-webui trust_remote_code Reliance on Untrusted Inputs Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2025-12487",
"datePublished": "2025-11-06T20:12:07.187Z",
"dateReserved": "2025-10-29T19:49:54.540Z",
"dateUpdated": "2025-11-06T20:29:38.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-11271 (GCVE-0-2025-11271)
Vulnerability from cvelistv5 – Published: 2025-11-06 04:36 – Updated: 2026-04-08 16:51- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| Vendor | Product | Version | |
|---|---|---|---|
| smub | Easy Digital Downloads – eCommerce Payments and Subscriptions made easy |
Affected:
0 , ≤ 3.5.2
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11271",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T15:50:26.199391Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T15:50:35.023Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Easy Digital Downloads \u2013 eCommerce Payments and Subscriptions made easy",
"vendor": "smub",
"versions": [
{
"lessThanOrEqual": "3.5.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Jamie Davies"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Easy Digital Downloads plugin for WordPress is vulnerable to Order Manipulation in all versions up to, and including, 3.5.2 due to an order verification bypass. The verification is unconditionally skipped when the POST body includes verification_override=1. Because this value is attacker-supplied, an unauthenticated actor can submit a forged IPN and have it treated as verified, even on production sites and with verification otherwise enabled. A valid PayPal transaction id is needed, restricting order manipulation to orders placed by the attacker. This, in turn, requires them to have a customer account."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:51:15.440Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/4c63154e-9413-47ea-a740-441618266adf?source=cve"
},
{
"url": "https://github.com/awesomemotive/easy-digital-downloads/blob/main/includes/gateways/paypal/ipn.php"
},
{
"url": "https://github.com/awesomemotive/easy-digital-downloads/blob/main/src/Gateways/PayPal/IPN.php"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3382964%40easy-digital-downloads%2Ftrunk\u0026old=3364285%40easy-digital-downloads%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2025-10-03T22:10:42.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2025-11-05T16:27:52.000Z",
"value": "Disclosed"
}
],
"title": "Easy Digital Download \u003c= 3.5.2 - Insufficient Verification to Order Manipulation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-11271",
"datePublished": "2025-11-06T04:36:22.463Z",
"dateReserved": "2025-10-03T21:53:31.464Z",
"dateUpdated": "2026-04-08T16:51:15.440Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10161 (GCVE-0-2025-10161)
Vulnerability from cvelistv5 – Published: 2025-11-11 12:42 – Updated: 2026-06-05 10:50| URL | Tags |
|---|---|
| https://www.usom.gov.tr/bildirim/tr-25-0387 | government-resourcebroken-link |
| https://siberguvenlik.gov.tr/guvenlik-bildirimler… | government-resource |
| Vendor | Product | Version | |
|---|---|---|---|
| Turkguven Software Technologies Inc. | Perfektive |
Affected:
0 , < Version: 12574 Build: 2701
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10161",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-14T18:22:51.139313Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-14T18:22:58.881Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Perfektive",
"vendor": "Turkguven Software Technologies Inc.",
"versions": [
{
"lessThan": "Version: 12574 Build: 2701",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ferit \u00d6ZNER"
}
],
"datePublic": "2025-11-11T12:02:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Restriction of Excessive Authentication Attempts, Client-Side Enforcement of Server-Side Security, Reliance on Untrusted Inputs in a Security Decision vulnerability in Turkguven Software Technologies Inc. Perfektive allows Brute Force, Authentication Bypass, Functionality Bypass.\u003cp\u003eThis issue affects Perfektive: before Version: 12574 Build: 2701.\u003c/p\u003e"
}
],
"value": "Improper Restriction of Excessive Authentication Attempts, Client-Side Enforcement of Server-Side Security, Reliance on Untrusted Inputs in a Security Decision vulnerability in Turkguven Software Technologies Inc. Perfektive allows Brute Force, Authentication Bypass, Functionality Bypass.\n\nThis issue affects Perfektive: before Version: 12574 Build: 2701."
}
],
"impacts": [
{
"capecId": "CAPEC-112",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-112 Brute Force"
}
]
},
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
},
{
"capecId": "CAPEC-554",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-554 Functionality Bypass"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-602",
"description": "CWE-602 Client-Side Enforcement of Server-Side Security",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-06-05T10:50:04.252Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"tags": [
"government-resource",
"broken-link"
],
"url": "https://www.usom.gov.tr/bildirim/tr-25-0387"
},
{
"tags": [
"government-resource"
],
"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0387"
}
],
"source": {
"advisory": "TR-25-0387",
"defect": [
"TR-25-0387"
],
"discovery": "UNKNOWN"
},
"title": "Authentication Bypass in Turkguven\u0027s Perfektive",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2025-10161",
"datePublished": "2025-11-11T12:42:50.253Z",
"dateReserved": "2025-09-09T12:49:55.496Z",
"dateUpdated": "2026-06-05T10:50:04.252Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-1969 (GCVE-0-2025-1969)
Vulnerability from cvelistv5 – Published: 2025-03-04 18:49 – Updated: 2025-10-14 19:28- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| URL | Tags |
|---|---|
| https://github.com/aws-samples/iam-identity-cente… | third-party-advisory |
| https://aws.amazon.com/security/security-bulletin… | vendor-advisory |
| https://github.com/aws-samples/iam-identity-cente… | patch |
| Vendor | Product | Version | |
|---|---|---|---|
| AWS | Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center |
Affected:
0 , < 1.2.2
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1969",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-04T19:04:52.957578Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-04T19:05:23.894Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center",
"repo": "https://github.com/aws-samples/iam-identity-center-team",
"vendor": "AWS",
"versions": [
{
"lessThan": "1.2.2",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM.\u003c/p\u003e\u003cp\u003eUpgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "Improper request input validation in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center allows a user to modify a valid request and spoof an approval in TEAM.\n\nUpgrade TEAM to the latest release v.1.2.2. Follow instructions in updating TEAM documentation for updating process"
}
],
"impacts": [
{
"capecId": "CAPEC-385",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-385 Transaction or Event Tampering via Application API Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807: Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T19:28:26.314Z",
"orgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"shortName": "AMZN"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://github.com/aws-samples/iam-identity-center-team/security/advisories/GHSA-x9xv-r58p-qh86"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://aws.amazon.com/security/security-bulletins/AWS-2025-004/"
},
{
"tags": [
"patch"
],
"url": "https://github.com/aws-samples/iam-identity-center-team/releases/tag/v1.2.2"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Request approval spoofing in Temporary Elevated Access Management (TEAM) for AWS IAM Identity Center",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ff89ba41-3aa1-4d27-914a-91399e9639e5",
"assignerShortName": "AMZN",
"cveId": "CVE-2025-1969",
"datePublished": "2025-03-04T18:49:01.823Z",
"dateReserved": "2025-03-04T18:30:46.680Z",
"dateUpdated": "2025-10-14T19:28:26.314Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-1126 (GCVE-0-2025-1126)
Vulnerability from cvelistv5 – Published: 2025-02-11 16:50 – Updated: 2025-02-12 20:51| Vendor | Product | Version | |
|---|---|---|---|
| Lexmark | Lexmark Print Management Client |
Affected:
3.0.0 , < 3.5.0
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-1126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-11T17:04:45.524278Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:51:45.122Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Lexmark Print Management Client",
"vendor": "Lexmark",
"versions": [
{
"lessThan": "3.5.0",
"status": "affected",
"version": "3.0.0",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client."
}
],
"value": "A Reliance on Untrusted Inputs in a Security Decision vulnerability has been identified in the Lexmark Print Management Client."
}
],
"impacts": [
{
"capecId": "CAPEC-153",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-153 Input Data Manipulation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-11T16:57:18.291Z",
"orgId": "7bc73191-a2b6-4c63-9918-753964601853",
"shortName": "Lexmark"
},
"references": [
{
"url": "https://www.lexmark.com/en_us/solutions/security/lexmark-security-advisories.html"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Lexmark has identified a vulnerability in our Lexmark Print Management Client (LPMC).",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Lexmark recommends updating the LPMC version if affected.\u003cbr\u003e"
}
],
"value": "Lexmark recommends updating the LPMC version if affected."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7bc73191-a2b6-4c63-9918-753964601853",
"assignerShortName": "Lexmark",
"cveId": "CVE-2025-1126",
"datePublished": "2025-02-11T16:50:34.270Z",
"dateReserved": "2025-02-07T21:20:13.715Z",
"dateUpdated": "2025-02-12T20:51:45.122Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-0117 (GCVE-0-2025-0117)
Vulnerability from cvelistv5 – Published: 2025-03-12 18:35 – Updated: 2026-02-26 19:09- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| URL | Tags |
|---|---|
| https://security.paloaltonetworks.com/CVE-2025-0117 | vendor-advisory |
| Vendor | Product | Version | |
|---|---|---|---|
| Palo Alto Networks | GlobalProtect App |
Affected:
6.3.0 , < 6.3.3
(custom)
Affected: 6.2.0 , < 6.2.6 (custom) Affected: 6.1.0 , < 10.2.14 (custom) Affected: 6.0.0 , < 10.1.14-h11 (custom) cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:* |
|
| Palo Alto Networks | GlobalProtect App |
Unaffected:
All , < 6.3.3
(custom)
cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:* cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:* |
|
| Palo Alto Networks | GlobalProtect UWP App |
Unaffected:
All
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-0117",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-13T03:55:24.925299Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-02-26T19:09:35.030Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "6.3.3",
"status": "unaffected"
}
],
"lessThan": "6.3.3",
"status": "affected",
"version": "6.3.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "6.2.6",
"status": "unaffected"
}
],
"lessThan": "6.2.6",
"status": "affected",
"version": "6.2.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.2.14",
"status": "unaffected"
},
{
"at": "10.2.13-h5",
"status": "unaffected"
}
],
"lessThan": "10.2.14",
"status": "affected",
"version": "6.1.0",
"versionType": "custom"
},
{
"changes": [
{
"at": "10.1.14-h11",
"status": "unaffected"
}
],
"lessThan": "10.1.14-h11",
"status": "affected",
"version": "6.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.3.0:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.4:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.3:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.2:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.1:-:*:*:*:*:*:*",
"cpe:2.3:a:paloaltonetworks:globalprotect_app:6.2.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"platforms": [
"iOS",
"Android",
"Chrome OS",
"macOS"
],
"product": "GlobalProtect App",
"vendor": "Palo Alto Networks",
"versions": [
{
"changes": [
{
"at": "6.3.3",
"status": "unaffected"
}
],
"lessThan": "6.3.3",
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "GlobalProtect UWP App",
"vendor": "Palo Alto Networks",
"versions": [
{
"status": "unaffected",
"version": "All",
"versionType": "custom"
}
]
}
],
"configurations": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No special configuration is required to be vulnerable to this issue."
}
],
"value": "No special configuration is required to be vulnerable to this issue."
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Maxime ESCOURBIAC, Michelin CERT"
},
{
"lang": "en",
"type": "finder",
"value": "Yassine BENGANA, Abicom for Michelin CERT"
},
{
"lang": "en",
"type": "finder",
"value": "Handelsbanken AB F-Secure"
}
],
"datePublic": "2025-03-12T16:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM.\u003cbr\u003e\u003cbr\u003eGlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected."
}
],
"value": "A reliance on untrusted input for a security decision in the GlobalProtect app on Windows devices potentially enables a locally authenticated non-administrative Windows user to escalate their privileges to NT AUTHORITY\\SYSTEM.\n\nGlobalProtect App on macOS, Linux, iOS, Android, Chrome OS and GlobalProtect UWP App are not affected."
}
],
"exploits": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "PASSIVE",
"valueDensity": "DIFFUSE",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:N/VI:H/VA:N/SC:H/SI:H/SA:H/AU:N/R:U/V:D/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "A local Windows user (or malware) with non-administrative rights elevates their privileges to NT AUTHORITY\\SYSTEM."
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-12T18:44:09.386Z",
"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"shortName": "palo_alto"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://security.paloaltonetworks.com/CVE-2025-0117"
}
],
"solutions": [
{
"lang": "eng",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003ctable\u003e\u003cthead\u003e\u003ctr\u003e\u003cth\u003eVersion\u003cbr\u003e\u003c/th\u003e\u003cth\u003eSuggested Solution\u003cbr\u003e\u003c/th\u003e\u003c/tr\u003e\u003c/thead\u003e\u003ctbody\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.3 on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.3.3 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.2 on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.6 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.1 on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.6 or later or upgrade to 6.3.3 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App 6.0 on Windows\u003cbr\u003e\u003c/td\u003e\u003ctd\u003eUpgrade to 6.2.6 or later or upgrade to 6.3.3 or later\u003cbr\u003e\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Linux\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on iOS\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect App on Android\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003ctr\u003e\u003ctd\u003eGlobalProtect UWP App\u003c/td\u003e\u003ctd\u003eNo action needed\u003c/td\u003e\u003c/tr\u003e\u003c/tbody\u003e\u003c/table\u003e\u003cbr\u003e\u003cp\u003e\u003cb\u003eSolution for new and existing GlobalProtect app installation on Windows\u003c/b\u003e\u003c/p\u003eYou can use your endpoint mobile device management (MDM) tools to apply the following changes:\u003cbr\u003e\u003col\u003e\u003cli\u003eInstall a fixed version of the GlobalProtect app.\u003cbr\u003e\u003c/li\u003e\u003cli\u003eUpdate the following registry key with the specified value (uses the REG_SZ type):\u003cbr\u003e[HKEY_LOCAL_MACHINE\\SOFTWARE\\Palo Alto Networks\\GlobalProtect\\Settings]\u003cbr\u003e\"check-communication\"=\"yes\"\u003c/li\u003e\u003cli\u003eRestart the operating system to apply this registry change.\u003cbr\u003e\u003c/li\u003e\u003c/ol\u003e\u003cp\u003e\u003cb\u003eAlternate solution for new GlobalProtect app installation on Windows\u003c/b\u003e\u003c/p\u003e\u003cp\u003eInstall the GlobalProtect app with the pre-deployment key CHECKCOMM set to \"yes\":\u003c/p\u003e\u003cblockquote\u003e\u003ctt\u003emsiexec.exe /i GlobalProtect64.msi CHECKCOMM=\"yes\"\u003c/tt\u003e\u003c/blockquote\u003e\u003cp\u003eNote: This command adds the registry value from the previous solution instructions\u2014no additional MSI options are needed.\u003cbr\u003e\u003c/p\u003e"
}
],
"value": "Version\nSuggested Solution\nGlobalProtect App 6.3 on Windows\nUpgrade to 6.3.3 or later\nGlobalProtect App 6.2 on Windows\nUpgrade to 6.2.6 or later\nGlobalProtect App 6.1 on Windows\nUpgrade to 6.2.6 or later or upgrade to 6.3.3 or later\nGlobalProtect App 6.0 on Windows\nUpgrade to 6.2.6 or later or upgrade to 6.3.3 or later\nGlobalProtect App on LinuxNo action neededGlobalProtect App on iOSNo action neededGlobalProtect App on AndroidNo action neededGlobalProtect UWP AppNo action needed\nSolution for new and existing GlobalProtect app installation on Windows\n\nYou can use your endpoint mobile device management (MDM) tools to apply the following changes:\n * Install a fixed version of the GlobalProtect app.\n\n * Update the following registry key with the specified value (uses the REG_SZ type):\n[HKEY_LOCAL_MACHINE\\SOFTWARE\\Palo Alto Networks\\GlobalProtect\\Settings]\n\"check-communication\"=\"yes\"\n * Restart the operating system to apply this registry change.\n\nAlternate solution for new GlobalProtect app installation on Windows\n\nInstall the GlobalProtect app with the pre-deployment key CHECKCOMM set to \"yes\":\n\nmsiexec.exe /i GlobalProtect64.msi CHECKCOMM=\"yes\"Note: This command adds the registry value from the previous solution instructions\u2014no additional MSI options are needed."
}
],
"source": {
"defect": [
"GPC-19863"
],
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-03-12T16:00:00.000Z",
"value": "Initial Publication"
}
],
"title": "GlobalProtect App: Local Privilege Escalation (PE) Vulnerability",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "No workaround or mitigation is available."
}
],
"value": "No workaround or mitigation is available."
}
],
"x_affectedList": [
"GlobalProtect App 6.3.2",
"GlobalProtect App 6.3.1",
"GlobalProtect App 6.3.0",
"GlobalProtect App 6.3",
"GlobalProtect App 6.2.4",
"GlobalProtect App 6.2.3",
"GlobalProtect App 6.2.2",
"GlobalProtect App 6.2.1",
"GlobalProtect App 6.2.0",
"GlobalProtect App 6.2"
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0",
"assignerShortName": "palo_alto",
"cveId": "CVE-2025-0117",
"datePublished": "2025-03-12T18:35:35.409Z",
"dateReserved": "2024-12-20T23:23:18.651Z",
"dateUpdated": "2026-02-26T19:09:35.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-55354 (GCVE-0-2024-55354)
Vulnerability from cvelistv5 – Published: 2025-04-08 00:00 – Updated: 2025-04-14 14:51- CWE-807 - Reliance on Untrusted Inputs in a Security Decision
| Vendor | Product | Version | |
|---|---|---|---|
| Lucee | Lucee Server |
Affected:
0 , < 5.4.7.3 LTS
(custom)
Affected: 6 , < 6.1.1.118 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-55354",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T14:51:34.988233Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-14T14:51:59.128Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Lucee Server",
"vendor": "Lucee",
"versions": [
{
"lessThan": "5.4.7.3 LTS",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "6.1.1.118",
"status": "affected",
"version": "6",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lucee:lucee_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5.4.7.3 LTS",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:lucee:lucee_server:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.1.1.118",
"versionStartIncluding": "6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Lucee before 5.4.7.3 LTS and 6 before 6.1.1.118, when an attacker can place files on the server, is vulnerable to a protection mechanism failure that can let an attacker run code that would be expected to be blocked and access resources that would be expected to be protected."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-807",
"description": "CWE-807 Reliance on Untrusted Inputs in a Security Decision",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T23:43:56.952Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"url": "https://dev.lucee.org/t/lucee-cve-2024-55354-security-advisory-april-2025/14963"
}
],
"x_generator": {
"engine": "enrichogram 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2024-55354",
"datePublished": "2025-04-08T00:00:00.000Z",
"dateReserved": "2024-12-06T00:00:00.000Z",
"dateUpdated": "2025-04-14T14:51:59.128Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation MIT-14
Strategy: Attack Surface Reduction
- Store state information and sensitive data on the server side only.
- Ensure that the system definitively and unambiguously keeps track of its own state and user state and has rules defined for legitimate state transitions. Do not allow any application user to affect state directly in any way other than through legitimate actions leading to state transitions.
- If information must be stored on the client, do not do so without encryption and integrity checking, or otherwise having a mechanism on the server side to catch tampering. Use a message authentication code (MAC) algorithm, such as Hash Message Authentication Code (HMAC) [REF-529]. Apply this against the state or sensitive data that has to be exposed, which can guarantee the integrity of the data - i.e., that the data has not been modified. Ensure that a strong hash function is used (CWE-328).
Mitigation MIT-4.2
Strategy: Libraries or Frameworks
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid.
- With a stateless protocol such as HTTP, use a framework that maintains the state for you.
- Examples include ASP.NET View State [REF-756] and the OWASP ESAPI Session Management feature [REF-45].
- Be careful of language features that provide state support, since these might be provided as a convenience to the programmer and may not be considering security.
Mitigation MIT-15
For any security checks that are performed on the client side, ensure that these checks are duplicated on the server side, in order to avoid CWE-602. Attackers can bypass the client-side checks by modifying values after the checks have been performed, or by changing the client to remove the client-side checks entirely. Then, these modified values would be submitted to the server.
Mitigation MIT-16
Strategy: Environment Hardening
When using PHP, configure the application so that it does not use register_globals. During implementation, develop the application so that it does not rely on this feature, but be wary of implementing a register_globals emulation that is subject to weaknesses such as CWE-95, CWE-621, and similar issues.
Mitigation MIT-6
Strategy: Attack Surface Reduction
- Understand all the potential areas where untrusted inputs can enter your software: parameters or arguments, cookies, anything read from the network, environment variables, reverse DNS lookups, query results, request headers, URL components, e-mail, files, filenames, databases, and any external systems that provide data to the application. Remember that such inputs may be obtained indirectly through API calls.
- Identify all inputs that are used for security decisions and determine if you can modify the design so that you do not have to rely on submitted inputs at all. For example, you may be able to keep critical information about the user's session on the server side instead of recording it within external data.
No CAPEC attack patterns related to this CWE.