CVE-2025-51532

August 6, 2025 invoker category_cve

CVE Details

Basic Information

Title	CVE-2025-51532
Type	cve
Published	2025-08-06T00:00:00.000Z
Modified	2025-08-06T15:36:23.769Z

Product Information

Vendor	n/a
Product	n/a
Version	n/a

CVSS Information

Base Score	7.5 (HIGH)
Attack Vector	CVSS:3.1/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N

AI Analysis

AI Description	A vulnerability in Sage DPW v2024.12.003 allows unauthorized access to the Database Monitor via crafted requests. This issue has been fixed in version 2024_12_004.
AI Severity	Medium
AI Vendor	Sage Group
AI Product	Sage DPW
AI Version	2024.12.003

Affected Products

n/a n/a n/a

Additional Information

Source	mitre

Description

Incorrect access control in Sage DPW v2024.12.003 allows unauthorized attackers to access the built-in Database Monitor via a crafted request. This is fixed in Halbjahresversion 2024_12_004.

References

https://www.sec4you-pentest.com/schwachstellen/
https://www.sec4you-pentest.com/schwachstelle/sage-dpw-unauthentifizierter-zugriff-adminbereich-db-monitor/

View Full CVE Details