Vulnerability Details
Basic Information
| Title | CVE-2025-46579 |
|---|---|
| Type | nvd |
| Published | 2025-04-27T02:15:16 |
| Last Seen | 2025-04-27T02:19:23 |
| CVSS Score | 8.4 (HIGH) |
CVSS v3 Details
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | HIGH |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | HIGH |
CVE Information
| CVE IDs | CVE-2025-46579 |
|---|---|
| CWE | CWE-94 |
| Bulletin Family | cve |
Description
There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed.
Impact Assessment
| Base Score | 8.4 |
|---|---|
| Severity | HIGH |