PT-2025-37116 · Jepaas · Jepaas
C3P0Ooo_Yiqiyin
·
Published
2025-09-11
·
Updated
2025-09-11
·
CVE-2025-10247
CVSS v2.0
6.5
Medium
| Vector | AV:N/AC:L/Au:S/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions:
JEPaaS version 7.2.8
Description:
A security issue has been identified in JEPaaS 7.2.8 affecting the
doFilterInternal function within the Filter Handler component. This can lead to improper access controls and allows for remote execution of attacks. The exploit for this issue has been publicly disclosed. The vendor was informed of the disclosure but did not respond.Recommendations:
As a temporary workaround, consider disabling the
doFilterInternal function until a patch is available.Exploit
Fix
Incorrect Privilege Assignment
Improper Access Control
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Jepaas