Frontier Airlines publicly available email address validation_CVE-2025-62236

5.3 / 10

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Description

The Frontier Airlines website has a publicly available endpoint that validates if an email addresses is associated with an account. An unauthenticated, remote attacker could determine valid email addresses, possibly aiding in further attacks.

Basic Information

ID CVE-2025-62236

Source cisa-cg

Published Oct 23, 2025 at 19:31

Affected Product

Vendor Frontier Airlines

Product flyfrontier.com

Version *

Affected Versions Frontier Airlines flyfrontier.com *

CWE Classification

CWE-204

References

{
    "lastseen": "",
    "description": "The Frontier Airlines website has a publicly available endpoint that validates if an email addresses is associated with an account. An unauthenticated, remote attacker could determine valid email addresses, possibly aiding in further attacks.",
    "published": "2025-10-23T19:31:15.979Z",
    "modified": "2025-10-23T19:31:15.979Z",
    "type": "cve",
    "title": "Frontier Airlines publicly available email address validation",
    "source": "cisa-cg",
    "references": "https://www.cve.org/CVERecord?id=CVE-2025-62236\nhttps://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-296-01.json",
    "id": "CVE-2025-62236",
    "bulletinFamily": "",
    "cwe": [
        "CWE-204"
    ],
    "cvelist": null,
    "sourceData": "Frontier Airlines flyfrontier.com *",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "flyfrontier.com",
    "version": "*",
    "vendor": "Frontier Airlines",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}