PT-2025-22524 · Unknown · Matrix Series+2
Published
2025-05-22
·
Updated
2025-05-22
·
CVE-2025-30173
CVSS v3.1
6.7
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
ASPECT-Enterprise versions through 3.08.03
NEXUS Series versions through 3.08.03
MATRIX Series versions through 3.08.03
Description
File upload vulnerabilities are present in ASPECT if session administrator credentials become compromised.
Recommendations
For ASPECT-Enterprise versions through 3.08.03, restrict access to file upload functionality until a patch is available.
For NEXUS Series versions through 3.08.03, consider disabling file upload features to minimize the risk of exploitation.
For MATRIX Series versions through 3.08.03, avoid using compromised session administrator credentials to prevent file upload vulnerabilities.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Aspect-Enterprise
Matrix Series
Nexus Series