Vulnerability Details
Basic Information
| Title | CVE-2025-2306 |
|---|---|
| Type | cve |
| Published | 2025-05-16T13:15:52 |
| Last Seen | 2025-05-16T13:27:32 |
| CVSS Score | 5.9 (MEDIUM) |
CVSS v3 Details
| Attack Vector | NETWORK |
|---|---|
| Attack Complexity | HIGH |
| Privileges Required | NONE |
| User Interaction | NONE |
| Scope | UNCHANGED |
| Confidentiality Impact | HIGH |
| Integrity Impact | NONE |
| Availability Impact | NONE |
CVE Information
| CVE IDs | CVE-2025-2306 |
|---|---|
| CWE | CWE-284 |
| Bulletin Family | cve |
Description
An Improper Access Control vulnerability was identified in the file download functionality. This vulnerability allows users to download sensitive documents without authentication, if the URL is known. The…
Impact Assessment
| Base Score | 5.9 |
|---|---|
| Severity | MEDIUM |