CVE-2025-60534

CRITICAL

9.8

Beschreibung

Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an attacker to selectively proxy requests in order to operate functionality on the web application without the need to authenticate with legitimate credentials.

CVE Details

CVSS v3.1 Bewertung9.8

SchweregradCRITICAL

CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AngriffsvektorNETWORK

KomplexitatLOW

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht1/6/2026

Zuletzt geandert1/29/2026

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

blueaccesstech:cobalt_x1

Schwachen (CWE)

CWE-287

Referenzen

http://blue.com(cve@mitre.org)

https://github.com/PilotPatrickk/Published-CVEs/blob/main/CVE-2025-60534.md(cve@mitre.org)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.