CVE-2025-31511

July 22, 2025 invoker category_cve

CVE Details

Basic Information

Title CVE-2025-31511
Type cve
Published 2025-07-22T20:15:24
Last Seen 2025-07-22T20:26:00
Modified 2025-07-22T20:15:24

CVSS Information

Base Score 7.3 (HIGH)
Attack Vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

AI Analysis

AI Description A vulnerability in AlertEnterprise Guardian allows attackers to bypass manager approval by altering the user ID in a requestSubmit API call, potentially leading to unauthorized access.
AI Severity High
AI Vendor AlertEnterprise Inc.
AI Product AlertEnterprise Guardian
AI Version 4.1.14.2.2.1

Additional Information

CVE List CVE-2025-31511
CWE List CWE-290
Bulletin Family cve

Description

An issue was discovered in AlertEnterprise Guardian 4.1.14.2.2.1. One can bypass manager approval by changing the user ID in a Request%20Building%20Access requestSubmit API call.

💭 Join the Security Discussion

🔒 Your email address will not be published. Required fields are marked *

⚠️ Please be respectful and constructive in your comments. Security discussions should remain professional.