Common Weakness Enumeration

CWE-1287

Allowed

Improper Validation of Specified Type of Input

Abstraction: Base · Status: Incomplete

The product receives input that is expected to be of a certain type, but it does not validate or incorrectly validates that the input is actually of the expected type.

259 vulnerabilities reference this CWE, most recent first.

CVE-2025-30027 (GCVE-0-2025-30027)

Vulnerability from cvelistv5 – Published: 2025-08-12 05:18 – Updated: 2026-02-26 17:49
VLAI
Summary
An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP application.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
Impacted products
Vendor Product Version
Axis Communications AB AXIS OS Affected: 12.0.0 , < 12.3.36 (semver)
Create a notification for this product.
Credits
URCQ
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-30027",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-14T03:56:12.580570Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:49:43.219Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "AXIS OS",
          "vendor": "Axis Communications AB",
          "versions": [
            {
              "lessThan": "12.3.36",
              "status": "affected",
              "version": "12.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "URCQ"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP\u0026nbsp;application."
            }
          ],
          "value": "An ACAP configuration file lacked sufficient input validation, which could allow for arbitrary code execution. This vulnerability can only be exploited if the Axis device is configured to allow the installation of unsigned ACAP applications, and if an attacker convinces the victim to install a malicious ACAP\u00a0application."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287: Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-12T05:19:14.146Z",
        "orgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
        "shortName": "Axis"
      },
      "references": [
        {
          "url": "https://www.axis.com/dam/public/ab/9a/a5/cve-2025-30027pdf-en-US-492762.pdf"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f2daf9a0-02c2-4b83-a01d-63b3b304b807",
    "assignerShortName": "Axis",
    "cveId": "CVE-2025-30027",
    "datePublished": "2025-08-12T05:18:26.937Z",
    "dateReserved": "2025-03-14T05:27:55.732Z",
    "dateUpdated": "2026-02-26T17:49:43.219Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-25186 (GCVE-0-2025-25186)

Vulnerability from cvelistv5 – Published: 2025-02-10 15:55 – Updated: 2025-02-12 15:46
VLAI
Title
Net::IMAP vulnerable to possible DoS by memory exhaustion
Summary
Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in `net-imap`'s response parser. At any time while the client is connected, a malicious server can send can send highly compressed `uid-set` data which is automatically read by the client's receiver thread. The response parser uses `Range#to_a` to convert the `uid-set` data into arrays of integers, with no limitation on the expanded size of the ranges. Versions 0.3.8, 0.4.19, 0.5.6, and higher fix this issue. Additional details for proper configuration of fixed versions and backward compatibility are available in the GitHub Security Advisory.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-400 - Uncontrolled Resource Consumption
  • CWE-405 - Asymmetric Resource Consumption (Amplification)
  • CWE-409 - Improper Handling of Highly Compressed Data (Data Amplification)
  • CWE-770 - Allocation of Resources Without Limits or Throttling
  • CWE-789 - Memory Allocation with Excessive Size Value
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
Impacted products
Vendor Product Version
ruby net-imap Affected: >= 0.3.2, < 0.3.8
Affected: >= 0.4.0, < 0.4.19
Affected: >= 0.5.0, < 0.5.6
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-25186",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-10T16:13:53.189390Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T15:46:11.581Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "net-imap",
          "vendor": "ruby",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 0.3.2, \u003c 0.3.8"
            },
            {
              "status": "affected",
              "version": "\u003e= 0.4.0, \u003c 0.4.19"
            },
            {
              "status": "affected",
              "version": "\u003e= 0.5.0, \u003c 0.5.6"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Net::IMAP implements Internet Message Access Protocol (IMAP) client functionality in Ruby. Starting in version 0.3.2 and prior to versions 0.3.8, 0.4.19, and 0.5.6, there is a possibility for denial of service by memory exhaustion in `net-imap`\u0027s response parser.  At any time while the client is connected, a malicious server can send  can send highly compressed `uid-set` data which is automatically read by the client\u0027s receiver thread. The response parser uses `Range#to_a` to convert the `uid-set` data into arrays of integers, with no limitation on the expanded size of the ranges. Versions 0.3.8, 0.4.19, 0.5.6, and higher fix this issue. Additional details for proper configuration of fixed versions and backward compatibility are available in the GitHub Security Advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-400",
              "description": "CWE-400: Uncontrolled Resource Consumption",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-405",
              "description": "CWE-405: Asymmetric Resource Consumption (Amplification)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-409",
              "description": "CWE-409: Improper Handling of Highly Compressed Data (Data Amplification)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-770",
              "description": "CWE-770: Allocation of Resources Without Limits or Throttling",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-789",
              "description": "CWE-789: Memory Allocation with Excessive Size Value",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287: Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-10T15:55:56.666Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/ruby/net-imap/security/advisories/GHSA-7fc5-f82f-cx69",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/ruby/net-imap/security/advisories/GHSA-7fc5-f82f-cx69"
        },
        {
          "name": "https://github.com/ruby/net-imap/commit/70e3ddd071a94e450b3238570af482c296380b35",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ruby/net-imap/commit/70e3ddd071a94e450b3238570af482c296380b35"
        },
        {
          "name": "https://github.com/ruby/net-imap/commit/c8c5a643739d2669f0c9a6bb9770d0c045fd74a3",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ruby/net-imap/commit/c8c5a643739d2669f0c9a6bb9770d0c045fd74a3"
        },
        {
          "name": "https://github.com/ruby/net-imap/commit/cb92191b1ddce2d978d01b56a0883b6ecf0b1022",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/ruby/net-imap/commit/cb92191b1ddce2d978d01b56a0883b6ecf0b1022"
        }
      ],
      "source": {
        "advisory": "GHSA-7fc5-f82f-cx69",
        "discovery": "UNKNOWN"
      },
      "title": "Net::IMAP vulnerable to possible DoS by memory exhaustion"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-25186",
    "datePublished": "2025-02-10T15:55:56.666Z",
    "dateReserved": "2025-02-03T19:30:53.399Z",
    "dateUpdated": "2025-02-12T15:46:11.581Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-25020 (GCVE-0-2025-25020)

Vulnerability from cvelistv5 – Published: 2025-06-03 15:19 – Updated: 2025-08-24 12:00
VLAI
Title
IBM QRadar Suite Software and IBM Cloud Pak for Security improper input validation
Summary
IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an authenticated user to cause a denial of service due to improperly validating API data input.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
ibm
References
URL Tags
https://www.ibm.com/support/pages/node/7235432 vendor-advisorypatch
Impacted products
Vendor Product Version
IBM QRadar Suite Software Affected: 1.10.12.0 , ≤ 1.11.2.0 (semver)
    cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:qradar_suite:1.11.2.0:*:*:*:*:*:*:*
Create a notification for this product.
IBM Cloud Pak for Security Affected: 1.10.0.0 , ≤ 1.10.11.0 (semver)
    cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:ibm:cloud_pak_for_security:1.10.11.0:*:*:*:*:*:*:*
Create a notification for this product.
Credits
John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, Dawid Bak
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-25020",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-06-03T15:52:35.741232Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-06-03T15:52:47.258Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "cpes": [
            "cpe:2.3:a:ibm:qradar_suite:1.10.12.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:qradar_suite:1.11.2.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "QRadar Suite Software",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "1.11.2.0",
              "status": "affected",
              "version": "1.10.12.0",
              "versionType": "semver"
            }
          ]
        },
        {
          "cpes": [
            "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.0.0:*:*:*:*:*:*:*",
            "cpe:2.3:a:ibm:cloud_pak_for_security:1.10.11.0:*:*:*:*:*:*:*"
          ],
          "defaultStatus": "unaffected",
          "product": "Cloud Pak for Security",
          "vendor": "IBM",
          "versions": [
            {
              "lessThanOrEqual": "1.10.11.0",
              "status": "affected",
              "version": "1.10.0.0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "John Zuccato, Rodney Ryan, Chris Shepherd, Vince Dragnea, Ben Goodspeed, Dawid Bak"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an authenticated user to cause a denial of service due to improperly validating API data input."
            }
          ],
          "value": "IBM QRadar Suite Software 1.10.12.0 through 1.11.2.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 could allow an authenticated user to cause a denial of service due to improperly validating API data input."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287 Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-24T12:00:36.733Z",
        "orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
        "shortName": "ibm"
      },
      "references": [
        {
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://www.ibm.com/support/pages/node/7235432"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "IBM strongly encourages customers to update their systems promptly.\u003cbr\u003e\u003cbr\u003ePlease upgrade to at least version 1.11.3.0 according to the following instructions:\u003cbr\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing\"\u003ehttps://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing\u003c/a\u003e\u003cbr\u003e\u003cbr\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading\"\u003ehttps://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading\u003c/a\u003e\u003cbr\u003e"
            }
          ],
          "value": "IBM strongly encourages customers to update their systems promptly.\n\nPlease upgrade to at least version 1.11.3.0 according to the following instructions:\n\n https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=installing \n\n https://www.ibm.com/docs/en/cloud-paks/cp-security/1.11?topic=upgrading"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "IBM QRadar Suite Software and IBM Cloud Pak for Security improper input validation",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
    "assignerShortName": "ibm",
    "cveId": "CVE-2025-25020",
    "datePublished": "2025-06-03T15:19:41.438Z",
    "dateReserved": "2025-01-31T16:26:45.223Z",
    "dateUpdated": "2025-08-24T12:00:36.733Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-24876 (GCVE-0-2025-24876)

Vulnerability from cvelistv5 – Published: 2025-02-11 00:37 – Updated: 2025-02-21 16:46
VLAI
Title
Authentication bypass via authorization code injection in SAP Approuter
Summary
The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting malicious payload causing High impact on confidentiality and integrity of the application
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
  • CWE-302 - Authentication Bypass by Assumed-Immutable Data
Assigner
sap
Impacted products
Vendor Product Version
SAP_SE SAP Approuter Node.js package Affected: 2.6.1 to 16.7.1
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24876",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-11T05:44:23.770147Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-21T16:46:32.934Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "SAP Approuter Node.js package",
          "vendor": "SAP_SE",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.1 to 16.7.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eThe SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting malicious payload causing High impact on confidentiality and integrity of the application\u003c/p\u003e"
            }
          ],
          "value": "The SAP Approuter Node.js package version v16.7.1 and before is vulnerable to Authentication bypass. When trading an authorization code an attacker can steal the session of the victim by injecting malicious payload causing High impact on confidentiality and integrity of the application"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 8.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287: Improper Validation of Specified Type of Input",
              "lang": "eng",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-302",
              "description": "CWE-302: Authentication Bypass by Assumed-Immutable Data",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-18T19:28:24.683Z",
        "orgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
        "shortName": "sap"
      },
      "references": [
        {
          "url": "https://me.sap.com/notes/3567974"
        },
        {
          "url": "https://www.npmjs.com/package/@sap/approuter?activeTab=versions"
        },
        {
          "url": "https://url.sap/sapsecuritypatchday"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "title": "Authentication bypass via authorization code injection in SAP Approuter",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "e4686d1a-f260-4930-ac4c-2f5c992778dd",
    "assignerShortName": "sap",
    "cveId": "CVE-2025-24876",
    "datePublished": "2025-02-11T00:37:40.988Z",
    "dateReserved": "2025-01-27T08:57:48.546Z",
    "dateUpdated": "2025-02-21T16:46:32.934Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-24804 (GCVE-0-2025-24804)

Vulnerability from cvelistv5 – Published: 2025-02-05 18:41 – Updated: 2025-02-12 19:41
VLAI
Title
Partial Denial of Service (DoS) in MobSF
Summary
Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. According to Apple's documentation for bundle ID's, it must contain only alphanumeric characters (A–Z, a–z, and 0–9), hyphens (-), and periods (.). However, an attacker can manually modify this value in the `Info.plist` file and add special characters to the `<key>CFBundleIdentifier</key>` value. When the application parses the wrong characters in the bundle ID, it encounters an error. As a result, it will not display content and will throw a 500 error instead. The only way to make the pages work again is to manually remove the malicious application from the system. This issue has been addressed in version 4.3.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
SSVC
Exploitation: poc Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-24804",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-05T19:07:14.580612Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T19:41:05.675Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Mobile-Security-Framework-MobSF",
          "vendor": "MobSF",
          "versions": [
            {
              "status": "affected",
              "version": "= 4.3.0"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework. According to Apple\u0027s documentation for bundle ID\u0027s, it must contain only alphanumeric characters (A\u2013Z, a\u2013z, and 0\u20139), hyphens (-), and periods (.). However, an attacker can manually modify this value in the `Info.plist` file and add special characters to the `\u003ckey\u003eCFBundleIdentifier\u003c/key\u003e` value. When the application parses the wrong characters in the bundle ID, it encounters an error. As a result, it will not display content and will throw a 500 error instead. The only way to make the pages work again is to manually remove the malicious application from the system. This issue has been addressed in version 4.3.1 and all users are advised to upgrade. There are no known workarounds for this vulnerability."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 4.8,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "HIGH",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "PASSIVE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "NONE"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287: Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-05T18:41:15.873Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-jrm8-xgf3-fwqr",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-jrm8-xgf3-fwqr"
        },
        {
          "name": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/05206e72cae35b311615a70e51e1a946955c5e83",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/05206e72cae35b311615a70e51e1a946955c5e83"
        },
        {
          "name": "https://developer.apple.com/documentation/bundleresources/information-property-list/cfbundleidentifier",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://developer.apple.com/documentation/bundleresources/information-property-list/cfbundleidentifier"
        }
      ],
      "source": {
        "advisory": "GHSA-jrm8-xgf3-fwqr",
        "discovery": "UNKNOWN"
      },
      "title": "Partial Denial of Service (DoS) in MobSF"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-24804",
    "datePublished": "2025-02-05T18:41:15.873Z",
    "dateReserved": "2025-01-23T17:11:35.840Z",
    "dateUpdated": "2025-02-12T19:41:05.675Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-21083 (GCVE-0-2025-21083)

Vulnerability from cvelistv5 – Published: 2025-01-15 16:10 – Updated: 2025-01-15 16:48
VLAI
Title
Insufficient Input Validation on Post Props
Summary
Mattermost Mobile Apps versions <=2.22.0 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
Impacted products
Vendor Product Version
Mattermost Mattermost Affected: 0 , ≤ 2.22.0 (semver)
Unaffected: 2.23.0
Create a notification for this product.
Credits
c0rydoras (c0rydoras)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-21083",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-15T16:48:42.690406Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-15T16:48:49.749Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "2.22.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "2.23.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "c0rydoras (c0rydoras)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMattermost Mobile Apps versions \u0026lt;=2.22.0 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post.\u003c/p\u003e"
            }
          ],
          "value": "Mattermost Mobile Apps versions \u003c=2.22.0 fail to properly validate post props which allows a malicious authenticated user to cause a crash via a malicious post."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287: Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-15T16:10:48.325Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost Mobile Apps to versions 2.23.0 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost Mobile Apps to versions 2.23.0 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00399",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-62531"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Insufficient Input Validation on Post Props",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-21083",
    "datePublished": "2025-01-15T16:10:48.325Z",
    "dateReserved": "2025-01-14T00:19:35.062Z",
    "dateUpdated": "2025-01-15T16:48:49.749Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-20756 (GCVE-0-2025-20756)

Vulnerability from cvelistv5 – Published: 2025-12-02 02:34 – Updated: 2026-02-17 14:27
VLAI
Summary
In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
Assigner
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "ADJACENT_NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 6.5,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2025-20756",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-02T14:34:24.833434Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-17T14:27:33.293Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "MT2735, MT6833, MT6833P, MT6853, MT6853T, MT6855, MT6855T, MT6873, MT6875, MT6875T, MT6877, MT6877T, MT6877TT, MT6880, MT6883, MT6885, MT6889, MT6890, MT6891, MT6893, MT8673, MT8675, MT8676, MT8678, MT8755, MT8771, MT8791, MT8791T, MT8792, MT8793, MT8795T, MT8797, MT8798, MT8863, MT8873, MT8883, MT8893",
          "vendor": "MediaTek, Inc.",
          "versions": [
            {
              "status": "affected",
              "version": "Modem NR15"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In Modem, there is a possible system crash due to a logic error. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: MOLY01673749; Issue ID: MSV-4643."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287 Specified Type",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-02T02:34:16.530Z",
        "orgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
        "shortName": "MediaTek"
      },
      "references": [
        {
          "url": "https://corp.mediatek.com/product-security-bulletin/December-2025"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "ee979b05-11f8-4f25-a7e0-a1fa9c190374",
    "assignerShortName": "MediaTek",
    "cveId": "CVE-2025-20756",
    "datePublished": "2025-12-02T02:34:16.530Z",
    "dateReserved": "2024-11-01T01:21:50.397Z",
    "dateUpdated": "2026-02-17T14:27:33.293Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-20630 (GCVE-0-2025-20630)

Vulnerability from cvelistv5 – Published: 2025-01-16 18:18 – Updated: 2025-01-16 18:55
VLAI
Title
Mobile crash via object that can't be cast to String in Attachment Field
Summary
Mattermost Mobile versions <=2.22.0 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the mobile to crash via creating and sending such a post to a channel.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
Impacted products
Vendor Product Version
Mattermost Mattermost Affected: 0 , ≤ <=2.22.0 (semver)
Unaffected: 2.23.0
Create a notification for this product.
Credits
c0rydoras (c0rydoras)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20630",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T18:54:57.228284Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T18:55:51.501Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "\u003c=2.22.0",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "2.23.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "c0rydoras (c0rydoras)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Mattermost Mobile versions \u0026lt;=2.22.0 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the mobile to crash via creating and sending such a post to a channel."
            }
          ],
          "value": "Mattermost Mobile versions \u003c=2.22.0 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the mobile to crash via creating and sending such a post to a channel."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287: Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-16T18:18:58.742Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost Mobile to version 2.23.0 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost Mobile to version 2.23.0 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00390",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-61161"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Mobile crash via object that can\u0027t be cast to String in Attachment Field",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-20630",
    "datePublished": "2025-01-16T18:18:58.742Z",
    "dateReserved": "2025-01-16T18:10:41.938Z",
    "dateUpdated": "2025-01-16T18:55:51.501Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-20621 (GCVE-0-2025-20621)

Vulnerability from cvelistv5 – Published: 2025-01-16 18:16 – Updated: 2025-01-16 18:57
VLAI
Title
Webapp crash via object that can't be cast to String in Attachment Field
Summary
Mattermost versions 10.2.x <= 10.2.0, 9.11.x <= 9.11.5, 10.0.x <= 10.0.3, 10.1.x <= 10.1.3 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the webapp to crash via creating and sending such a post to a channel.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
Impacted products
Vendor Product Version
Mattermost Mattermost Affected: 10.2.0 , ≤ 10.2.0 (semver)
Affected: 9.11.0 , ≤ 9.11.5 (semver)
Affected: 10.0.0 , ≤ 10.0.3 (semver)
Affected: 10.1.0 , ≤ 10.1.3 (semver)
Unaffected: 10.3.0
Unaffected: 2.23.0
Unaffected: 10.2.1
Unaffected: 9.11.6
Unaffected: 10.0.4
Unaffected: 10.1.4
Create a notification for this product.
Credits
c0rydoras (c0rydoras)
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20621",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-16T18:56:53.748130Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-16T18:57:02.927Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Mattermost",
          "vendor": "Mattermost",
          "versions": [
            {
              "lessThanOrEqual": "10.2.0",
              "status": "affected",
              "version": "10.2.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "9.11.5",
              "status": "affected",
              "version": "9.11.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.0.3",
              "status": "affected",
              "version": "10.0.0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "10.1.3",
              "status": "affected",
              "version": "10.1.0",
              "versionType": "semver"
            },
            {
              "status": "unaffected",
              "version": "10.3.0"
            },
            {
              "status": "unaffected",
              "version": "2.23.0"
            },
            {
              "status": "unaffected",
              "version": "10.2.1"
            },
            {
              "status": "unaffected",
              "version": "9.11.6"
            },
            {
              "status": "unaffected",
              "version": "10.0.4"
            },
            {
              "status": "unaffected",
              "version": "10.1.4"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "c0rydoras (c0rydoras)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "Mattermost versions 10.2.x \u0026lt;= 10.2.0, 9.11.x \u0026lt;= 9.11.5, 10.0.x \u0026lt;= 10.0.3, 10.1.x \u0026lt;= 10.1.3 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the webapp to crash via creating and sending such a post to a channel."
            }
          ],
          "value": "Mattermost versions 10.2.x \u003c= 10.2.0, 9.11.x \u003c= 9.11.5, 10.0.x \u003c= 10.0.3, 10.1.x \u003c= 10.1.3 fail to properly handle posts with attachments containing fields that cannot be cast to a String, which allows an attacker to cause the webapp to crash via creating and sending such a post to a channel."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "CWE-1287: Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-16T18:16:28.042Z",
        "orgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
        "shortName": "Mattermost"
      },
      "references": [
        {
          "url": "https://mattermost.com/security-updates"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eUpdate Mattermost to versions 10.3.0, 2.23.0, 10.2.1, 9.11.6, 10.0.4, 10.1.4 or higher.\u003c/p\u003e"
            }
          ],
          "value": "Update Mattermost to versions 10.3.0, 2.23.0, 10.2.1, 9.11.6, 10.0.4, 10.1.4 or higher."
        }
      ],
      "source": {
        "advisory": "MMSA-2024-00390",
        "defect": [
          "https://mattermost.atlassian.net/browse/MM-61161"
        ],
        "discovery": "EXTERNAL"
      },
      "title": "Webapp crash via object that can\u0027t be cast to String in Attachment Field",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9302f53e-dde5-4bf3-b2f2-a83f91ac0eee",
    "assignerShortName": "Mattermost",
    "cveId": "CVE-2025-20621",
    "datePublished": "2025-01-16T18:16:28.042Z",
    "dateReserved": "2025-01-16T18:10:41.926Z",
    "dateUpdated": "2025-01-16T18:57:02.927Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2025-20327 (GCVE-0-2025-20327)

Vulnerability from cvelistv5 – Published: 2025-09-24 17:11 – Updated: 2025-09-24 18:11
VLAI
Summary
A vulnerability in the web UI of Cisco IOS Software could allow an authenticated, remote attacker with low privileges to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a crafted URL in an HTTP request. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1287 - Improper Validation of Specified Type of Input
Assigner
Impacted products
Vendor Product Version
Cisco IOS Affected: 15.2(6)E2
Affected: 15.2(7)E
Affected: 15.2(6)E2a
Affected: 15.2(6)E2b
Affected: 15.2(7)E1
Affected: 15.2(7)E0a
Affected: 15.2(7)E0b
Affected: 15.2(7)E0s
Affected: 15.2(6)E3
Affected: 15.2(7)E2
Affected: 15.2(7a)E0b
Affected: 15.2(7)E3
Affected: 15.2(7)E1a
Affected: 15.2(7b)E0b
Affected: 15.2(7)E2a
Affected: 15.2(7)E4
Affected: 15.2(7)E3k
Affected: 15.2(8)E
Affected: 15.2(8)E1
Affected: 15.2(7)E5
Affected: 15.2(7)E6
Affected: 15.2(8)E2
Affected: 15.2(7)E7
Affected: 15.2(8)E3
Affected: 15.2(7)E8
Affected: 15.2(8)E4
Affected: 15.2(7)E9
Affected: 15.2(8)E5
Affected: 15.2(7)E10
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-20327",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-09-24T18:08:55.351442Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-09-24T18:11:26.278Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "IOS",
          "vendor": "Cisco",
          "versions": [
            {
              "status": "affected",
              "version": "15.2(6)E2"
            },
            {
              "status": "affected",
              "version": "15.2(7)E"
            },
            {
              "status": "affected",
              "version": "15.2(6)E2a"
            },
            {
              "status": "affected",
              "version": "15.2(6)E2b"
            },
            {
              "status": "affected",
              "version": "15.2(7)E1"
            },
            {
              "status": "affected",
              "version": "15.2(7)E0a"
            },
            {
              "status": "affected",
              "version": "15.2(7)E0b"
            },
            {
              "status": "affected",
              "version": "15.2(7)E0s"
            },
            {
              "status": "affected",
              "version": "15.2(6)E3"
            },
            {
              "status": "affected",
              "version": "15.2(7)E2"
            },
            {
              "status": "affected",
              "version": "15.2(7a)E0b"
            },
            {
              "status": "affected",
              "version": "15.2(7)E3"
            },
            {
              "status": "affected",
              "version": "15.2(7)E1a"
            },
            {
              "status": "affected",
              "version": "15.2(7b)E0b"
            },
            {
              "status": "affected",
              "version": "15.2(7)E2a"
            },
            {
              "status": "affected",
              "version": "15.2(7)E4"
            },
            {
              "status": "affected",
              "version": "15.2(7)E3k"
            },
            {
              "status": "affected",
              "version": "15.2(8)E"
            },
            {
              "status": "affected",
              "version": "15.2(8)E1"
            },
            {
              "status": "affected",
              "version": "15.2(7)E5"
            },
            {
              "status": "affected",
              "version": "15.2(7)E6"
            },
            {
              "status": "affected",
              "version": "15.2(8)E2"
            },
            {
              "status": "affected",
              "version": "15.2(7)E7"
            },
            {
              "status": "affected",
              "version": "15.2(8)E3"
            },
            {
              "status": "affected",
              "version": "15.2(7)E8"
            },
            {
              "status": "affected",
              "version": "15.2(8)E4"
            },
            {
              "status": "affected",
              "version": "15.2(7)E9"
            },
            {
              "status": "affected",
              "version": "15.2(8)E5"
            },
            {
              "status": "affected",
              "version": "15.2(7)E10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A vulnerability in the web UI of Cisco IOS Software could allow an authenticated, remote attacker with low privileges to cause a denial of service (DoS) condition on an affected device.\r\n\r This vulnerability is due to improper input validation. An attacker could exploit this vulnerability by sending a crafted URL in an HTTP request. A successful exploit could allow the attacker to cause the affected device to reload, resulting in a DoS condition."
        }
      ],
      "exploits": [
        {
          "lang": "en",
          "value": "The Cisco Product Security Incident Response Team (PSIRT) is not aware of any public announcements or malicious use of the vulnerability that is described in this advisory."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.7,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "cvssV3_1"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1287",
              "description": "Improper Validation of Specified Type of Input",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-09-24T17:11:44.744Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "name": "cisco-sa-ios-invalid-url-dos-Nvxszf6u",
          "url": "https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ios-invalid-url-dos-Nvxszf6u"
        }
      ],
      "source": {
        "advisory": "cisco-sa-ios-invalid-url-dos-Nvxszf6u",
        "defects": [
          "CSCwo34150"
        ],
        "discovery": "EXTERNAL"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2025-20327",
    "datePublished": "2025-09-24T17:11:44.744Z",
    "dateReserved": "2024-10-10T19:15:13.254Z",
    "dateUpdated": "2025-09-24T18:11:26.278Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Mitigation MIT-5
Implementation

Strategy: Input Validation

  • Assume all input is malicious. Use an "accept known good" input validation strategy, i.e., use a list of acceptable inputs that strictly conform to specifications. Reject any input that does not strictly conform to specifications, or transform it into something that does.
  • When performing input validation, consider all potentially relevant properties, including length, type of input, the full range of acceptable values, missing or extra inputs, syntax, consistency across related fields, and conformance to business rules. As an example of business rule logic, "boat" may be syntactically valid because it only contains alphanumeric characters, but it is not valid if the input is only expected to contain colors such as "red" or "blue."
  • Do not rely exclusively on looking for malicious or malformed inputs. This is likely to miss at least one undesirable input, especially if the code's environment changes. This can give attackers enough room to bypass the intended validation. However, denylists can be useful for detecting potential attacks or determining which inputs are so malformed that they should be rejected outright.

No CAPEC attack patterns related to this CWE.