Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
2 vulnerabilities by Axios Italia
CVE-2019-25069 (GCVE-0-2019-25069)
Vulnerability from cvelistv5 – Published: 2022-06-09 13:10 – Updated: 2025-04-15 14:30
VLAI
Title
Axios Italia Axios RE Error Message ASP.NET information disclosure
Summary
A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated remotely.
Severity
5.3 (Medium)
SSVC
Exploitation: none
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-200 - Information Disclosure
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://vuldb.com/?id.139528 | x_refsource_MISC |
| https://vuldb.com/?id.139529 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Axios Italia | Axios RE |
Affected:
1.7.0
Affected: 7.0.0 |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:00:18.940Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.139528"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.139529"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25069",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T16:58:42.808443Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:30:50.640Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Axios RE",
"vendor": "Axios Italia",
"versions": [
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "7.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ErPaciocco"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated remotely."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Information Disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-09T13:10:32.000Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.139528"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.139529"
}
],
"title": "Axios Italia Axios RE Error Message ASP.NET information disclosure",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2019-25069",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "Axios Italia Axios RE Error Message ASP.NET information disclosure"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Axios RE",
"version": {
"version_data": [
{
"version_value": "1.7.0"
},
{
"version_value": "7.0.0"
}
]
}
}
]
},
"vendor_name": "Axios Italia"
}
]
}
},
"credit": "ErPaciocco",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in Axios Italia Axios RE 1.7.0/7.0.0. This issue affects some unknown processing of the component Error Message Handler. The manipulation leads to information disclosure (ASP.NET). The attack may be initiated remotely."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "5.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-200 Information Disclosure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.139528",
"refsource": "MISC",
"url": "https://vuldb.com/?id.139528"
},
{
"name": "https://vuldb.com/?id.139529",
"refsource": "MISC",
"url": "https://vuldb.com/?id.139529"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2019-25069",
"datePublished": "2022-06-09T13:10:32.000Z",
"dateReserved": "2022-06-04T00:00:00.000Z",
"dateUpdated": "2025-04-15T14:30:50.640Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-25068 (GCVE-0-2019-25068)
Vulnerability from cvelistv5 – Published: 2022-06-09 13:10 – Updated: 2025-04-15 14:31
VLAI
Title
Axios Italia Axios RE Connection REDefault.aspx privileges management
Summary
A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerability affects unknown code of the file REDefault.aspx of the component Connection Handler. The manipulation of the argument DBIDX leads to privilege escalation. The attack can be initiated remotely.
Severity
6.3 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-269 - Improper Privilege Management
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://vuldb.com/?id.139528 | x_refsource_MISC |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Axios Italia | Axios RE |
Affected:
1.7.0
Affected: 7.0.0 |
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T03:00:19.045Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://vuldb.com/?id.139528"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2019-25068",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-14T17:13:38.740532Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-15T14:31:00.913Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Axios RE",
"vendor": "Axios Italia",
"versions": [
{
"status": "affected",
"version": "1.7.0"
},
{
"status": "affected",
"version": "7.0.0"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "ErPaciocco"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerability affects unknown code of the file REDefault.aspx of the component Connection Handler. The manipulation of the argument DBIDX leads to privilege escalation. The attack can be initiated remotely."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-09T13:10:31.000Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://vuldb.com/?id.139528"
}
],
"title": "Axios Italia Axios RE Connection REDefault.aspx privileges management",
"x_generator": "vuldb.com",
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cna@vuldb.com",
"ID": "CVE-2019-25068",
"REQUESTER": "cna@vuldb.com",
"STATE": "PUBLIC",
"TITLE": "Axios Italia Axios RE Connection REDefault.aspx privileges management"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Axios RE",
"version": {
"version_data": [
{
"version_value": "1.7.0"
},
{
"version_value": "7.0.0"
}
]
}
}
]
},
"vendor_name": "Axios Italia"
}
]
}
},
"credit": "ErPaciocco",
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability classified as critical was found in Axios Italia Axios RE 1.7.0/7.0.0. This vulnerability affects unknown code of the file REDefault.aspx of the component Connection Handler. The manipulation of the argument DBIDX leads to privilege escalation. The attack can be initiated remotely."
}
]
},
"generator": "vuldb.com",
"impact": {
"cvss": {
"baseScore": "6.3",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-269 Improper Privilege Management"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://vuldb.com/?id.139528",
"refsource": "MISC",
"url": "https://vuldb.com/?id.139528"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2019-25068",
"datePublished": "2022-06-09T13:10:31.000Z",
"dateReserved": "2022-06-04T00:00:00.000Z",
"dateUpdated": "2025-04-15T14:31:00.913Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}