CVE-2025-12461

N/A

Description

This vulnerability allows an attacker to access parts of the application that are not protected by any type of access control. The attacker could access this path ‘…/epsilonnet/License/About.aspx’ and obtain information on both the licence and the configuration of the product by knowing which modules are installed.

Details CVE

Score CVSS v3.1N/A

Publie10/29/2025

Derniere modification10/30/2025

Sourcenvd

Observations honeypot0

Faiblesses (CWE)

CWE-522

References

https://www.incibe.es/en/incibe-cert/notices/aviso/unprotected-access-parts-application-epsilon-rh-grupo-castilla(cve-coordination@incibe.es)

Correlations IOC

Aucune correlation enregistree

This product uses data from the NVD API but is not endorsed or certified by the NVD.