CVE-2025-30048

Unauthenticated access to module configuration endpoint

CVSS 5.3 MEDIUMEPSS 0.2%CWE-306

The "serverConfig" endpoint, which returns the module configuration including credentials, is accessible without authentication.

CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:L/SI:L/SA:L

Productos afectados

¿Quieres saber si tu infraestructura está expuesta a esto?

Referencias