Unauthenticated User Enumeration via Missing Authentication_CVE-2025-41716

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

The web application allows an unauthenticated remote attacker to learn information about existing user accounts with their corresponding role due to missing authentication for critical function.

Basic Information

ID CVE-2025-41716

Source CERTVDE

Published Sep 24, 2025 at 09:04

Affected Product

Vendor WAGO

Product Solution Builder

Version 0.0.0

Affected Versions WAGO Solution Builder 0.0.0

CWE Classification

CWE-306

References

certvde.com /de/advisories/VDE-2025-087

{
    "lastseen": "",
    "description": "The web application allows an unauthenticated remote attacker to learn information about existing user accounts with their corresponding role due to missing authentication for critical function.",
    "published": "2025-09-24T09:04:33.971Z",
    "modified": "2025-09-24T09:04:33.971Z",
    "type": "cve",
    "title": "Unauthenticated User Enumeration via Missing Authentication",
    "source": "CERTVDE",
    "references": "https://certvde.com/de/advisories/VDE-2025-087",
    "id": "CVE-2025-41716",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "WAGO Solution Builder 0.0.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Solution Builder",
    "version": "0.0.0",
    "vendor": "WAGO",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}