PT-2025-15972 · Videx · Videx Cyberaudit-Web
Hidde Smit
+1
·
Published
2025-04-10
·
Updated
2025-04-10
·
CVE-2025-22375
CVSS v4.0
9.3
Critical
| Vector | AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/S:N/AU:Y/R:A/V:D/RE:L/U:Green |
Name of the Vulnerable Software and Affected Versions:
Videx CyberAudit-Web versions prior to 9.5
Description:
An authentication bypass issue was found, allowing an attacker to create a valid session without credentials by exploiting a logic flaw.
Recommendations:
For versions prior to 9.5, update to a version later than 9.5, as a patch has been made available for all instances, including those that are End of Maintenance (EOM). If support is required, contact support@videx.com for assistance.
Fix
Improper Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Videx Cyberaudit-Web