
{
"id": "CVE-2025-25206",
"sourceIdentifier": "security-advisories@github.com",
"published": "2025-02-14T17:15:19.327",
"lastModified": "2025-02-14T17:15:19.327",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, improper input validation (classified in this record as CWE-89, SQL injection) could allow an authenticated user to read sensitive information, including login tokens or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available."
},
{
"lang": "es",
"value": "eLabFTW es un cuaderno de laboratorio electr\u00f3nico de c\u00f3digo abierto para laboratorios de investigaci\u00f3n. Antes de la versi\u00f3n 5.1.15, una validaci\u00f3n de entrada incorrecta podr\u00eda permitir que un usuario autenticado leyera informaci\u00f3n confidencial, incluido el token de inicio de sesi\u00f3n u otro contenido almacenado en la base de datos. Esto podr\u00eda provocar una escalada de privilegios si las cookies est\u00e1n habilitadas (configuraci\u00f3n predeterminada). Los usuarios deben actualizar a la versi\u00f3n 5.1.15 de eLabFTW para recibir una soluci\u00f3n. No se conocen soluciones alternativas."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 5.5
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/elabftw/elabftw/releases/tag/5.1.15",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77gg",
"source": "security-advisories@github.com"
}
]
}