PT-2025-50904 · Apache · Apache Fineract
Kristof Jozsa
+1
·
Published
2025-12-12
·
Updated
2025-12-18
·
CVE-2025-23408
CVSS v4.0
8.5
High
| Vector | AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H |
Name of the Vulnerable Software and Affected Versions
Apache Fineract versions through 1.10.1
Description
Apache Fineract is affected by a weak password requirements issue. Upgrade to version 1.11.0 or later to address this. Users are encouraged to upgrade to version 1.13.0, the latest release.
Recommendations
Upgrade to version 1.11.0 or later.
Upgrade to version 1.13.0.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Apache Fineract