Search criteria
8 vulnerabilities by Sparx Systems
CVE-2026-42100 (GCVE-0-2026-42100)
Vulnerability from cvelistv5 – Published: 2026-05-19 12:59 – Updated: 2026-05-19 15:25
VLAI
Title
DoS in Sparx Pro Cloud Server
Summary
Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service (DoS) attack to be executed by sending an specially crafted SQL query. This causes the Pro Cloud Server service to terminate unexpectedly.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Severity
CWE
- CWE-228 - Improper Handling of Syntactically Invalid Structure
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2026/05/CVE-2026-42096 | third-party-advisory |
| https://sparxsystems.com/products/procloudserver/ | product |
| https://sploit.tech/2026/05/19/Sparx-Enterprise-A… | technical-description |
| https://efigo.pl/blog/CVE-2026-42096/ | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sparx Systems | Pro Cloud Server |
Affected:
0 , ≤ 6.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42100",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-19T15:25:23.714598Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T15:25:37.873Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Pro Cloud Server",
"vendor": "Sparx Systems",
"versions": [
{
"lessThanOrEqual": "6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Blazej Adamczyk (br0x) - Efigo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service (DoS) attack to be executed by\u0026nbsp;sending an \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003especially crafted\u003c/span\u003e SQL query. This causes the Pro Cloud Server service to terminate unexpectedly.\u0026nbsp;\u003cbr\u003e\u003cbr\u003eThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.\u003cbr\u003e"
}
],
"value": "Improper Handling of Syntactically Invalid Structure in Sparx Pro Cloud Server allows Denial of Service (DoS) attack to be executed by\u00a0sending an specially crafted SQL query. This causes the Pro Cloud Server service to terminate unexpectedly.\u00a0\n\nThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-228",
"description": "CWE-228 Improper Handling of Syntactically Invalid Structure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T12:59:50.170Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2026/05/CVE-2026-42096"
},
{
"tags": [
"product"
],
"url": "https://sparxsystems.com/products/procloudserver/"
},
{
"tags": [
"technical-description"
],
"url": "https://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://efigo.pl/blog/CVE-2026-42096/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "DoS in Sparx Pro Cloud Server",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2026-42100",
"datePublished": "2026-05-19T12:59:50.170Z",
"dateReserved": "2026-04-24T12:15:00.858Z",
"dateUpdated": "2026-05-19T15:25:37.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-42099 (GCVE-0-2026-42099)
Vulnerability from cvelistv5 – Published: 2026-05-19 12:59 – Updated: 2026-05-19 15:26
VLAI
Title
Race Condition in Sparx Pro Cloud Server
Summary
Sparx Pro Cloud Server is vulnerable to a Race Condition in the /data_api/dl_internal_artifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location (__DIR__) under the specified name. An attacker with repository access can control both the filename and file contents, allowing the creation of a malicious PHP file in a current directory. Although the file is deleted after processing, a race condition exists: if the response transmission is delayed (e.g., via a large file or slow client connection), the file remains accessible. During this window, the attacker can issue a second request to execute the malicious PHP file, resulting in remote code execution.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Severity
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2026/05/CVE-2026-42096 | third-party-advisory |
| https://sparxsystems.com/products/procloudserver/ | product |
| https://sploit.tech/2026/05/19/Sparx-Enterprise-A… | technical-description |
| https://efigo.pl/blog/CVE-2026-42096/ | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sparx Systems | Pro Cloud Server |
Affected:
0 , ≤ 6.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42099",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-19T15:26:11.723227Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T15:26:27.124Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Pro Cloud Server",
"vendor": "Sparx Systems",
"versions": [
{
"lessThanOrEqual": "6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Blazej Adamczyk (br0x) - Efigo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003eSparx Pro Cloud Server is vulnerable to a Race Condition in the /data_api/dl_internal_artifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location\u0026nbsp;(__DIR__)\u0026nbsp;under the specified name. An attacker with repository access can control both the filename and file contents, allowing the creation of a malicious PHP file in a current directory. Although the file is deleted after processing, a race condition exists: if the response transmission is delayed (e.g., via a large file or slow client connection), the file remains accessible. During this window, the attacker can issue a second request to execute the malicious PHP file, resulting in remote code execution.\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\u003cbr\u003eThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.\u003cbr\u003e"
}
],
"value": "Sparx Pro Cloud Server is vulnerable to a Race Condition in the /data_api/dl_internal_artifact.php endpoint. The application downloads the properties of the object pointed by guid parameter and saves loaded content in current location\u00a0(__DIR__)\u00a0under the specified name. An attacker with repository access can control both the filename and file contents, allowing the creation of a malicious PHP file in a current directory. Although the file is deleted after processing, a race condition exists: if the response transmission is delayed (e.g., via a large file or slow client connection), the file remains accessible. During this window, the attacker can issue a second request to execute the malicious PHP file, resulting in remote code execution.\n\n\n\n\n\n\n\n\nThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable."
}
],
"impacts": [
{
"capecId": "CAPEC-26",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-26 Leveraging Race Conditions"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "HIGH",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "LOW",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T12:59:38.938Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2026/05/CVE-2026-42096"
},
{
"tags": [
"product"
],
"url": "https://sparxsystems.com/products/procloudserver/"
},
{
"tags": [
"technical-description"
],
"url": "https://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://efigo.pl/blog/CVE-2026-42096/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Race Condition in Sparx Pro Cloud Server",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2026-42099",
"datePublished": "2026-05-19T12:59:38.938Z",
"dateReserved": "2026-04-24T12:15:00.858Z",
"dateUpdated": "2026-05-19T15:26:27.124Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-42098 (GCVE-0-2026-42098)
Vulnerability from cvelistv5 – Published: 2026-05-19 12:59 – Updated: 2026-05-19 15:27
VLAI
Title
Authorization Bypass in Sparx Enterprise Architect
Summary
Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior (e.g. using a debugger) and log in as any other user or administrator - then it is possible to do every possible change to the repository.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 17.1 and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Severity
CWE
- CWE-603 - Use of Client-Side Authentication
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2026/05/CVE-2026-42096 | third-party-advisory |
| https://sparxsystems.com/products/ea/ | product |
| https://sploit.tech/2026/05/19/Sparx-Enterprise-A… | technical-description |
| https://efigo.pl/blog/CVE-2026-42096/ | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sparx Systems | Enterprise Architect |
Affected:
0 , ≤ 17.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42098",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-19T15:27:25.413696Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T15:27:32.916Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Enterprise Architect",
"vendor": "Sparx Systems",
"versions": [
{
"lessThanOrEqual": "17.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Blazej Adamczyk (br0x) - Efigo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sparx Enterprise Architect software has a security feature that limits user\u0027s actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior (e.g. using a debugger) and log in as any other user or administrator - then it is possible to do every possible change to the repository.\u003cbr\u003e\u003cbr\u003eThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 17.1 and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.\u003cbr\u003e"
}
],
"value": "Sparx Enterprise Architect software has a security feature that limits user\u0027s actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior (e.g. using a debugger) and log in as any other user or administrator - then it is possible to do every possible change to the repository.\n\nThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 17.1 and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-603",
"description": "CWE-603 Use of Client-Side Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T12:59:29.705Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2026/05/CVE-2026-42096"
},
{
"tags": [
"product"
],
"url": "https://sparxsystems.com/products/ea/"
},
{
"tags": [
"technical-description"
],
"url": "https://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://efigo.pl/blog/CVE-2026-42096/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authorization Bypass in Sparx Enterprise Architect",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2026-42098",
"datePublished": "2026-05-19T12:59:29.705Z",
"dateReserved": "2026-04-24T12:15:00.858Z",
"dateUpdated": "2026-05-19T15:27:32.916Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-42097 (GCVE-0-2026-42097)
Vulnerability from cvelistv5 – Published: 2026-05-19 12:59 – Updated: 2026-05-19 15:28
VLAI
Title
Authentication Bypass in Sparx Pro Cloud Server
Summary
Sparx Pro Cloud Server requires authentication based on requested URL. An attacker can omit the "model" query parameter and send the model name only in the binary blob in POST request allowing SQL query execution without authentication.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Severity
CWE
- CWE-639 - Authorization Bypass Through User-Controlled Key
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2026/05/CVE-2026-42096 | third-party-advisory |
| https://sparxsystems.com/products/procloudserver/ | product |
| https://sploit.tech/2026/05/19/Sparx-Enterprise-A… | technical-description |
| https://efigo.pl/blog/CVE-2026-42096/ | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sparx Systems | Pro Cloud Server |
Affected:
0 , ≤ 6.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42097",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-19T15:28:00.522422Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T15:28:13.174Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Pro Cloud Server",
"vendor": "Sparx Systems",
"versions": [
{
"lessThanOrEqual": "6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Blazej Adamczyk (br0x) - Efigo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sparx Pro Cloud Server\u0026nbsp;requires authentication based on requested URL. An\u0026nbsp;attacker can omit the \"model\" query parameter and send the model name only in the binary blob in POST request\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallowing SQL query execution without authentication.\u003c/span\u003e\u003cbr\u003e\u003cbr\u003eThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.\u003cbr\u003e"
}
],
"value": "Sparx Pro Cloud Server\u00a0requires authentication based on requested URL. An\u00a0attacker can omit the \"model\" query parameter and send the model name only in the binary blob in POST request\u00a0allowing SQL query execution without authentication.\n\nThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-639",
"description": "CWE-639 Authorization Bypass Through User-Controlled Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T12:59:19.821Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2026/05/CVE-2026-42096"
},
{
"tags": [
"product"
],
"url": "https://sparxsystems.com/products/procloudserver/"
},
{
"tags": [
"technical-description"
],
"url": "https://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://efigo.pl/blog/CVE-2026-42096/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Authentication Bypass in Sparx Pro Cloud Server",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2026-42097",
"datePublished": "2026-05-19T12:59:19.821Z",
"dateReserved": "2026-04-24T12:15:00.858Z",
"dateUpdated": "2026-05-19T15:28:13.174Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2026-42096 (GCVE-0-2026-42096)
Vulnerability from cvelistv5 – Published: 2026-05-19 12:59 – Updated: 2026-05-19 14:25
VLAI
Title
Broken Access Control in Sparx Pro Cloud Server
Summary
Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context.
The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.
Severity
CWE
- CWE-863 - Incorrect Authorization
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://cert.pl/en/posts/2026/05/CVE-2026-42096 | third-party-advisory |
| https://sparxsystems.com/products/procloudserver/ | product |
| https://sploit.tech/2026/05/19/Sparx-Enterprise-A… | technical-description |
| https://efigo.pl/blog/CVE-2026-42096/ | third-party-advisory |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sparx Systems | Pro Cloud Server |
Affected:
0 , ≤ 6.1
(semver)
|
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-42096",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-05-19T14:25:46.914657Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T14:25:54.493Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Pro Cloud Server",
"vendor": "Sparx Systems",
"versions": [
{
"lessThanOrEqual": "6.1",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Blazej Adamczyk (br0x) - Efigo"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Sparx Pro Cloud Server is vulnerable to Broken Access Control with\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ein communication with the database\u003c/span\u003e. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context.\u003cbr\u003e\u003cbr\u003eThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.\u003cbr\u003e"
}
],
"value": "Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context.\n\nThe vendor was notified early about this vulnerability, but didn\u0027t respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-05-19T12:59:10.826Z",
"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"shortName": "CERT-PL"
},
"references": [
{
"tags": [
"third-party-advisory"
],
"url": "https://cert.pl/en/posts/2026/05/CVE-2026-42096"
},
{
"tags": [
"product"
],
"url": "https://sparxsystems.com/products/procloudserver/"
},
{
"tags": [
"technical-description"
],
"url": "https://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://efigo.pl/blog/CVE-2026-42096/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Broken Access Control in Sparx Pro Cloud Server",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6",
"assignerShortName": "CERT-PL",
"cveId": "CVE-2026-42096",
"datePublished": "2026-05-19T12:59:10.826Z",
"dateReserved": "2026-04-24T12:15:00.857Z",
"dateUpdated": "2026-05-19T14:25:54.493Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-4377 (GCVE-0-2025-4377)
Vulnerability from cvelistv5 – Published: 2025-05-09 05:12 – Updated: 2025-05-09 13:22
VLAI
Title
Path traversal vulnerability in Sparx Pro Cloud Server WebEA webconfig in logview.php
Summary
Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server.
This vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem.
Logview is accessible on Pro Cloud Server Configuration interface.
This issue affects Pro Cloud Server: earlier than 6.0.165.
Severity
CWE
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sparx Systems | Pro Cloud Server |
Affected:
0 , ≤ 6.0.163
(PCS)
Unaffected: 6.0.165 (PCS) |
Date Public
2025-05-05 06:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4377",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T13:22:04.482705Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T13:22:16.817Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://sparxsystems.com/products/procloudserver/",
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Pro Cloud Server",
"programFiles": [
"logview.php"
],
"vendor": "Sparx Systems",
"versions": [
{
"lessThanOrEqual": "6.0.163",
"status": "affected",
"version": "0",
"versionType": "PCS"
},
{
"status": "unaffected",
"version": "6.0.165",
"versionType": "PCS"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Santeri Siiril\u00e4"
},
{
"lang": "en",
"type": "finder",
"value": "Mikko Korpi"
}
],
"datePublic": "2025-05-05T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eImproper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server.\u003c/div\u003e\u003cdiv\u003eThis vulnerability is present in \u003ctt\u003elogview.php\u003c/tt\u003e and it allows reading arbitrary files on the filesystem.\u0026nbsp;\u003c/div\u003e\u003cdiv\u003eLogview is accessible on Pro Cloud Server Configuration interface. \u003cbr\u003e\u003c/div\u003e\u003cp\u003eThis issue affects Pro Cloud Server: earlier than 6.0.165.\u003c/p\u003e"
}
],
"value": "Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server.\n\nThis vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem.\u00a0\n\nLogview is accessible on Pro Cloud Server Configuration interface. \n\n\nThis issue affects Pro Cloud Server: earlier than 6.0.165."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126: Path Traversal"
}
]
},
{
"capecId": "CAPEC-139",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-139: Relative Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "LOW",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T05:12:59.487Z",
"orgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"shortName": "NCSC-FI"
},
"references": [
{
"url": "https://sparxsystems.com/products/procloudserver/6.1/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Path traversal vulnerability in Sparx Pro Cloud Server WebEA webconfig in logview.php",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"assignerShortName": "NCSC-FI",
"cveId": "CVE-2025-4377",
"datePublished": "2025-05-09T05:12:59.487Z",
"dateReserved": "2025-05-06T05:21:12.322Z",
"dateUpdated": "2025-05-09T13:22:16.817Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4376 (GCVE-0-2025-4376)
Vulnerability from cvelistv5 – Published: 2025-05-09 05:12 – Updated: 2025-05-09 13:23
VLAI
Title
Cross-Site Scripting vulnerability in Model Search in Pro Cloud Server's WebEA
Summary
Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server's WebEA model search field allows Cross-Site Scripting (XSS).
This issue affects Pro Cloud Server: earlier than 6.0.165.
Severity
CWE
- CWE-20 - Improper Input Validation
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sparx Systems | Pro Cloud Server |
Affected:
0 , ≤ 6.0.164
(PCS)
Unaffected: 6.0.165 (PCS) |
Date Public
2025-05-05 06:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4376",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T13:23:39.641885Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T13:23:45.927Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://sparxsystems.com/products/procloudserver/",
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Pro Cloud Server",
"vendor": "Sparx Systems",
"versions": [
{
"lessThanOrEqual": "6.0.164",
"status": "affected",
"version": "0",
"versionType": "PCS"
},
{
"status": "unaffected",
"version": "6.0.165",
"versionType": "PCS"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Santeri Siiril\u00e4"
},
{
"lang": "en",
"type": "finder",
"value": "Mikko Korpi"
}
],
"datePublic": "2025-05-05T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server\u0027s WebEA model search field allows Cross-Site Scripting (XSS). \u003cbr\u003e\u003cp\u003eThis issue affects Pro Cloud Server: earlier than 6.0.165.\u003c/p\u003e"
}
],
"value": "Improper Input Validation vulnerability in Sparx Systems Pro Cloud Server\u0027s WebEA model search field allows Cross-Site Scripting (XSS). \nThis issue affects Pro Cloud Server: earlier than 6.0.165."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T05:12:54.145Z",
"orgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"shortName": "NCSC-FI"
},
"references": [
{
"url": "https://sparxsystems.com/products/procloudserver/6.1/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Scripting vulnerability in Model Search in Pro Cloud Server\u0027s WebEA",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"assignerShortName": "NCSC-FI",
"cveId": "CVE-2025-4376",
"datePublished": "2025-05-09T05:12:54.145Z",
"dateReserved": "2025-05-06T05:21:10.663Z",
"dateUpdated": "2025-05-09T13:23:45.927Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-4375 (GCVE-0-2025-4375)
Vulnerability from cvelistv5 – Published: 2025-05-09 05:12 – Updated: 2025-05-09 13:24
VLAI
Title
Cross-Site Request Forgery vulnerability in Pro Cloud Server's WebEA
Summary
Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cross-Site Request Forgery is present at the whole application but it can be used to change the Pro Cloud Server Configuration password.
This issue affects Pro Cloud Server: earlier than 6.0.165.
Severity
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Sparx Systems | Pro Cloud Server |
Affected:
0 , ≤ 6.0.14
(PCS)
Unaffected: 6.0.165 (PCS) |
Date Public
2025-05-05 06:00
Credits
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-4375",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-09T13:24:15.312416Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T13:24:21.744Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://sparxsystems.com/products/procloudserver/",
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Pro Cloud Server",
"vendor": "Sparx Systems",
"versions": [
{
"lessThanOrEqual": "6.0.14",
"status": "affected",
"version": "0",
"versionType": "PCS"
},
{
"status": "unaffected",
"version": "6.0.165",
"versionType": "PCS"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Santeri Siiril\u00e4"
},
{
"lang": "en",
"type": "finder",
"value": "Mikko Korpi"
}
],
"datePublic": "2025-05-05T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cross-Site Request Forgery is present at the whole application but it can be used to change the Pro Cloud Server Configuration password. \u003cbr\u003e\u003cp\u003eThis issue affects Pro Cloud Server: earlier than 6.0.165.\u003c/p\u003e"
}
],
"value": "Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cross-Site Request Forgery is present at the whole application but it can be used to change the Pro Cloud Server Configuration password. \nThis issue affects Pro Cloud Server: earlier than 6.0.165."
}
],
"impacts": [
{
"capecId": "CAPEC-62",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-62 Cross Site Request Forgery"
}
]
},
{
"capecId": "CAPEC-593",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-593 Session Hijacking"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:H/VI:N/VA:L/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "LOW",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T05:12:48.610Z",
"orgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"shortName": "NCSC-FI"
},
"references": [
{
"url": "https://sparxsystems.com/products/procloudserver/6.1/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Cross-Site Request Forgery vulnerability in Pro Cloud Server\u0027s WebEA",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "db4dfee8-a97e-4877-bfae-eba6d14a2166",
"assignerShortName": "NCSC-FI",
"cveId": "CVE-2025-4375",
"datePublished": "2025-05-09T05:12:48.610Z",
"dateReserved": "2025-05-06T05:21:08.411Z",
"dateUpdated": "2025-05-09T13:24:21.744Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}