Vulnerability Details
Basic Information
| Title | CVE-2025-46815 |
|---|---|
| Type | cve |
| Published | 2025-05-06T18:15:38 |
| Last Seen | 2025-05-06T18:22:40 |
| CVSS Score | 8.0 (HIGH) |
CVSS v3 Details
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | HIGH |
| Privileges Required | NONE |
| User Interaction | REQUIRED |
| Scope | CHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | HIGH |
| Availability Impact | NONE |
CVE Information
| CVE IDs | CVE-2025-46815 |
|---|---|
| CWE | CWE-384, CWE-613, CWE-294 |
| Bulletin Family | cve |
Description
The identity infrastructure software ZITADEL offers developers the ability to manage user sessions using the Session API. This API enables the use of IdPs for authentication, known as idp intents. Following a successful idp intent, the client…
Impact Assessment
| Base Score | 8.0 |
|---|---|
| Severity | HIGH |