CVE 9.3 CRITICAL

Authentication Bypass in Sparx Pro Cloud Server_CVE-2026-42097

May 19, 2026 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Description

Sparx Pro Cloud Server requires authentication based on requested URL. An attacker can omit the "model" query parameter and send the model name only in the binary blob in POST request allowing SQL query execution without authentication.

The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.

AI Analysis

Authentication Bypass vulnerability in Sparx Pro Cloud Server allowing SQL query execution without authentication

Basic Information

ID CVE-2026-42097

Source CERT-PL

Published May 19, 2026 at 12:59

Affected Product

Vendor Sparx Systems

Product Pro Cloud Server

Affected Versions Sparx Systems Pro Cloud Server 0

CWE Classification

CWE-639

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor Sparx Systems

Product Pro Cloud Server

Version 6.1 (build 167) and below

References

{
    "lastseen": "",
    "description": "Sparx Pro Cloud Server\u00a0requires authentication based on requested URL. An\u00a0attacker can omit the \"model\" query parameter and send the model name only in the binary blob in POST request\u00a0allowing SQL query execution without authentication.\n\nThe vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below were tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable.",
    "published": "2026-05-19T12:59:19.821Z",
    "modified": "2026-05-19T12:59:19.821Z",
    "type": "cve",
    "title": "Authentication Bypass in Sparx Pro Cloud Server",
    "source": "CERT-PL",
    "references": "https://cert.pl/en/posts/2026/05/CVE-2026-42096\nhttps://sparxsystems.com/products/procloudserver/\nhttps://sploit.tech/2026/05/19/Sparx-Enterprise-Architect-PCS.html\nhttps://efigo.pl/blog/CVE-2026-42096/",
    "id": "CVE-2026-42097",
    "bulletinFamily": "",
    "cwe": [
        "CWE-639"
    ],
    "cvelist": null,
    "sourceData": "Sparx Systems Pro Cloud Server 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Pro Cloud Server",
    "version": "0",
    "vendor": "Sparx Systems",
    "ai_description": "Authentication Bypass vulnerability in Sparx Pro Cloud Server allowing SQL query execution without authentication",
    "ai_severity": "Critical",
    "ai_vendor": "Sparx Systems",
    "ai_product": "Pro Cloud Server",
    "ai_version": "6.1 (build 167) and below",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply