CVE-2025-62189_CVE-2025-62189

5.3 / 10

MEDIUM

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N

Description

LogStare Collector contains an incorrect authorization vulnerability in UserRegistration. If exploited, a non-administrative user may create a new user account by sending a crafted HTTP request.

Basic Information

ID CVE-2025-62189

Source jpcert

Published Nov 21, 2025 at 06:17

Affected Product

Vendor LogStare Inc.

Product LogStare Collector (for Windows)

Version 2.4.1 and earlier

Affected Versions LogStare Inc. LogStare Collector (for Windows) 2.4.1 and earlier
LogStare Inc. LogStare Collector (for Linux) 2.4.1 and earlier

CWE Classification

CWE-863

References

{
    "lastseen": "",
    "description": "LogStare Collector contains an incorrect authorization vulnerability in UserRegistration. If exploited, a non-administrative user may create a new user account by sending a crafted HTTP request.",
    "published": "2025-11-21T06:17:56.472Z",
    "modified": "2025-11-21T06:17:56.472Z",
    "type": "cve",
    "title": "CVE-2025-62189",
    "source": "jpcert",
    "references": "https://www.logstare.com/vulnerability/2025-001/\nhttps://jvn.jp/en/jp/JVN77560819/",
    "id": "CVE-2025-62189",
    "bulletinFamily": "",
    "cwe": [
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "LogStare Inc. LogStare Collector (for Windows) 2.4.1 and earlier\nLogStare Inc. LogStare Collector (for Linux) 2.4.1 and earlier",
    "sourceHref": "",
    "cvss": {
        "score": 5.3,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "LogStare Collector (for Windows)",
    "version": "2.4.1 and earlier",
    "vendor": "LogStare Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}