Vulnerability Details
Basic Information
| Title | CVE-2025-3707 Sunnet eHRD CTMS – SQL Injection |
|---|---|
| Type | cvelist |
| Published | 2025-05-02T02:50:33 |
| Last Seen | 2025-05-02T03:28:47 |
| CVSS Score | 6.5 (MEDIUM) |
CVSS v3 Details
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | LOW |
| Privileges Required | LOW |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | NONE |
| Availability Impact | NONE |
CVE Information
| CVE IDs | CVE-2025-3707 |
|---|---|
| CWE | CWE-89 |
| Bulletin Family | cve |
Description
The eHDR CTMS from Sunnet has a SQL Injection vulnerability, allowing remote attackers with regular privileges to inject arbitrary SQL command to read…
Impact Assessment
| Base Score | 6.5 |
|---|---|
| Severity | MEDIUM |