← voltar
CVE-2025-15623

Sparx Pro Cloud Server reveals sensitive information to an unauthenticated user

CVSS 9.3 CRITICALEPSS 0.3%CWE-359CWE-497
Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. Unauthenticated user can retrieve database password in plaintext in certain situations
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:L/SI:L/SA:N/S:P/AU:Y/V:C/RE:M/U:Red
Produtos afetados
Sparx Systems Pty Ltd. · Sparx Pro Cloud Server

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://sparxsystems.com/products/procloudserver/6.1/history.html