PT-2025-27467 · Akamai · Akamai Cloudtest
Published
2025-06-02
·
Updated
2025-07-25
·
CVE-2025-49493
CVSS v3.1
5.8
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Akamai CloudTest versions prior to 60 2025.06.02 (12988)
Description
Akamai CloudTest is susceptible to an XML External Entity (XXE) injection flaw. This allows for file inclusion by manipulating XML input, potentially leading to unauthorized access to sensitive information. The vulnerability exists through the
/concerto/services/RepositoryService SOAP endpoint.Recommendations
Akamai CloudTest versions prior to 60 2025.06.02 (12988) should be updated to version 60 2025.06.02 (12988) or later to address this issue.
Exploit
Fix
XXE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Akamai Cloudtest