Incorrect authorization in Fudo Enterprise_CVE-2025-13480

5.1 / 10

MEDIUM

CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Description

Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings.
This vulnerability has been fixed in version 5.6.3

Basic Information

ID CVE-2025-13480

Source CERT-PL

Published Apr 20, 2026 at 09:00

Affected Product

Vendor Fudo Security

Product Fudo Enterprise

Version 5.5.0

Affected Versions Fudo Security Fudo Enterprise 5.5.0

CWE Classification

CWE-863

References

{
    "lastseen": "",
    "description": "Fudo Enterprise in versions from 5.5.0 through 5.6.2 allows low privileged users to access certain administrator-only resources via improperly protected API endpoints. This includes sensitive information such as system logs and parts of system configuration settings.\nThis vulnerability has been fixed in version 5.6.3",
    "published": "2026-04-20T09:00:16.259Z",
    "modified": "2026-04-20T09:00:16.259Z",
    "type": "cve",
    "title": "Incorrect authorization in Fudo Enterprise",
    "source": "CERT-PL",
    "references": "https://www.fudosecurity.com/product/enterprise\nhttps://cert.pl/en/posts/2026/04/CVE-2025-13480\nhttps://download.fudosecurity.com/documentation/fudo/5_6/rn/RN_5.6.3.pdf",
    "id": "CVE-2025-13480",
    "bulletinFamily": "",
    "cwe": [
        "CWE-863"
    ],
    "cvelist": null,
    "sourceData": "Fudo Security Fudo Enterprise 5.5.0",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Fudo Enterprise",
    "version": "5.5.0",
    "vendor": "Fudo Security",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}