CVE Details
Basic Information
| Title |
JeeWMS File generateController.do dogenerate access control |
| Type |
cve |
| Published |
2025-05-31T17:31:06.860Z |
| Last Seen |
|
Product Information
| Vendor |
n/a |
| Product |
JeeWMS |
| Version |
20250504 |
CVSS Information
| Base Score |
5.3 (MEDIUM) |
| Attack Vector |
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
A critical vulnerability in JeeWMS allows unauthorized remote attackers to bypass access controls via the /generateController.do?dogenerate endpoint, potentially compromising the system. The product uses a rolling release model, so no specific version details are available. |
| AI Severity |
Medium |
| Vendor |
JeeWMS Team |
| Product |
JeeWMS |
| Affected Version |
20250504 |
Additional Information
| CVE List |
|
| CWE List |
CWE-284, CWE-266 |
| Bulletin Family |
|
| Source Data |
n/a JeeWMS 20250504 |
Source Information
| Source Data |
n/a JeeWMS 20250504 |
| Source Link |
|
Description
A vulnerability classified as critical has been found in JeeWMS up to 20250504. Affected is the function dogenerate of the file /generateController.do?dogenerate of the component File Handler. The manipulation leads to improper access controls. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available.
CVSS Score Summary
View Full CVE Details
