LitmusChaos Litmus client-side enforcement of server-side security_CVE-2025-8792

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P

Description

A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Basic Information

ID CVE-2025-8792

Source VulDB

Published Aug 10, 2025 at 03:32

Affected Product

Vendor LitmusChaos

Product Litmus

Version 3.0

Affected Versions LitmusChaos Litmus 3.0
LitmusChaos Litmus 3.1
LitmusChaos Litmus 3.2
LitmusChaos Litmus 3.3
LitmusChaos Litmus 3.4
LitmusChaos Litmus 3.5
LitmusChaos Litmus 3.6
LitmusChaos Litmus 3.7
LitmusChaos Litmus 3.8
LitmusChaos Litmus 3.9
LitmusChaos Litmus 3.10
LitmusChaos Litmus 3.11
LitmusChaos Litmus 3.12
LitmusChaos Litmus 3.13
LitmusChaos Litmus 3.14
LitmusChaos Litmus 3.15
LitmusChaos Litmus 3.16
LitmusChaos Litmus 3.17
LitmusChaos Litmus 3.18
LitmusChaos Litmus 3.19.0

CWE Classification

CWE-602

References

{
    "lastseen": "",
    "description": "A vulnerability classified as problematic has been found in LitmusChaos Litmus up to 3.19.0. Affected is an unknown function. The manipulation leads to client-side enforcement of server-side security. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.",
    "published": "2025-08-10T03:32:06.333Z",
    "modified": "2025-08-10T03:32:06.333Z",
    "type": "cve",
    "title": "LitmusChaos Litmus client-side enforcement of server-side security",
    "source": "VulDB",
    "references": "https://vuldb.com/?id.319320\nhttps://vuldb.com/?ctiid.319320\nhttps://vuldb.com/?submit.625952\nhttps://github.com/MaiqueSilva/VulnDB/blob/main/README02.md",
    "id": "CVE-2025-8792",
    "bulletinFamily": "",
    "cwe": [
        "CWE-602"
    ],
    "cvelist": null,
    "sourceData": "LitmusChaos Litmus 3.0\nLitmusChaos Litmus 3.1\nLitmusChaos Litmus 3.2\nLitmusChaos Litmus 3.3\nLitmusChaos Litmus 3.4\nLitmusChaos Litmus 3.5\nLitmusChaos Litmus 3.6\nLitmusChaos Litmus 3.7\nLitmusChaos Litmus 3.8\nLitmusChaos Litmus 3.9\nLitmusChaos Litmus 3.10\nLitmusChaos Litmus 3.11\nLitmusChaos Litmus 3.12\nLitmusChaos Litmus 3.13\nLitmusChaos Litmus 3.14\nLitmusChaos Litmus 3.15\nLitmusChaos Litmus 3.16\nLitmusChaos Litmus 3.17\nLitmusChaos Litmus 3.18\nLitmusChaos Litmus 3.19.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Litmus",
    "version": "3.0",
    "vendor": "LitmusChaos",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}