PT-2025-10645 · Nintex · Nintex Automation
Ianis Bernard
·
Published
2025-03-10
·
Updated
2026-01-29
·
CVE-2025-27926
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Nintex Automation versions 5.6 through 5.7
Description
The issue concerns configuration files in the K2 SmartForms Designer folder that contain passwords readable by unauthorized users.
Recommendations
For Nintex Automation versions 5.6 through 5.7, update to version 5.8 or later to resolve the issue.
Fix
Incorrect Default Permissions
Insufficiently Protected Credentials
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Nintex Automation