PT-2025-22521 · Unknown · Matrix Series+2
Published
2025-05-22
·
Updated
2025-05-22
·
CVE-2025-30170
CVSS v3.1
5.5
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
ASPECT-Enterprise versions through 3.08.03
NEXUS Series versions through 3.08.03
MATRIX Series versions through 3.08.03
Description
Exposure of file path, file size, or file existence vulnerabilities in ASPECT provide attackers access to file system information if session administrator credentials become compromised.
Recommendations
For ASPECT-Enterprise versions through 3.08.03, consider restricting access to sensitive file system information to minimize the risk of exploitation.
For NEXUS Series versions through 3.08.03, restrict access to the file system to prevent attackers from gaining information about file paths, sizes, or existence.
For MATRIX Series versions through 3.08.03, limit the privileges of session administrator credentials to reduce the impact of a potential compromise.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aspect-Enterprise
Matrix Series
Nexus Series