Sensitive Information Disclosure in SolaX Cloud_CVE-2025-36759

8.7 / 10

HIGH

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Description

Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby leak sensitive information such as user email addresses and phone numbers.

Basic Information

ID CVE-2025-36759

Source DIVD

Published Sep 10, 2025 at 08:50

Affected Product

Vendor SolaX Power

Product SolaX Cloud

Version before 27-06-2025

Affected Versions SolaX Power SolaX Cloud before 27-06-2025

CWE Classification

CWE-200

References

{
    "lastseen": "",
    "description": "Through the provision of user names, SolaX Cloud will suggest (similar) user accounts and thereby leak sensitive information such as user email addresses and phone numbers.",
    "published": "2025-09-10T08:50:56.409Z",
    "modified": "2025-09-10T08:50:56.409Z",
    "type": "cve",
    "title": "Sensitive Information Disclosure in SolaX Cloud",
    "source": "DIVD",
    "references": "https://csirt.divd.nl/CVE-2025-36759\nhttps://csirt.divd.nl/DIVD-2025-00015",
    "id": "CVE-2025-36759",
    "bulletinFamily": "",
    "cwe": [
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "SolaX Power SolaX Cloud before 27-06-2025",
    "sourceHref": "",
    "cvss": {
        "score": 8.7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "SolaX Cloud",
    "version": "before 27-06-2025",
    "vendor": "SolaX Power",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}