Search criteria
8 vulnerabilities found for Flowmon by Progress Software
CVE-2025-11906 (GCVE-0-2025-11906)
Vulnerability from cvelistv5 – Published: 2025-10-30 07:39 – Updated: 2025-10-31 03:55
VLAI?
Summary
A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization.
Severity ?
6.7 (Medium)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
Flowmon 12 versions prior to 12.5.6
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T03:55:28.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"status": "affected",
"version": "Flowmon 12 versions prior to 12.5.6",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization."
}
],
"value": "A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Manipulating Writeable Configuration Files"
}
]
},
{
"descriptions": [
{
"lang": "en",
"value": "Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T07:39:38.530Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/Progress-Flowmon-CVE-2025-11906"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Privilege escalation via writable configuration files in Progress Flowmon",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-11906",
"datePublished": "2025-10-30T07:39:38.530Z",
"dateReserved": "2025-10-17T10:50:29.793Z",
"dateUpdated": "2025-10-31T03:55:28.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10240 (GCVE-0-2025-10240)
Vulnerability from cvelistv5 – Published: 2025-10-09 12:43 – Updated: 2025-10-10 03:55
VLAI?
Summary
A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session.
Severity ?
8.8 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
Versions prior to 12.5.5
(custom)
|
Credits
This vulnerability was discovered by Novee.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T03:55:21.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"status": "affected",
"version": "Versions prior to 12.5.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability was discovered by Novee."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session."
}
],
"value": "A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session."
}
],
"impacts": [
{
"capecId": "CAPEC-588",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-588 DOM-Based XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T12:43:40.906Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/Can-CVE-2025-10240-affect-Progress-Flowmon-appliance"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Possibility of unintended actions when a user clicks a malicious link in the Progress Flowmon web application",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10240",
"datePublished": "2025-10-09T12:43:40.906Z",
"dateReserved": "2025-09-10T16:28:15.198Z",
"dateUpdated": "2025-10-10T03:55:21.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10239 (GCVE-0-2025-10239)
Vulnerability from cvelistv5 – Published: 2025-10-09 12:42 – Updated: 2025-10-10 03:55
VLAI?
Summary
In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
Versions prior to 12.5.5
(custom)
|
Credits
This vulnerability was discovered by Kentaro Kawane.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10239",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T03:55:22.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"status": "affected",
"version": "Versions prior to 12.5.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability was discovered by Kentaro Kawane."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes."
}
],
"value": "In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T12:42:05.557Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/CVE-2025-10239"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unintended command execution via troubleshooting scripts in Progress Flowmon",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10239",
"datePublished": "2025-10-09T12:42:05.557Z",
"dateReserved": "2025-09-10T16:28:09.808Z",
"dateUpdated": "2025-10-10T03:55:22.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2389 (GCVE-0-2024-2389)
Vulnerability from cvelistv5 – Published: 2024-04-02 12:22 – Updated: 2024-08-01 19:11
VLAI?
Summary
In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.
Severity ?
10 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
11.X , < 11.1.14
(semver)
Affected: 12.X , < 12.3.5 (semver) |
Credits
Rhino Security Labs - David Yesland
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:progress:flowmon_os:11.x:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "flowmon_os",
"vendor": "progress",
"versions": [
{
"lessThan": "11.1.14",
"status": "affected",
"version": "11.x",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:progress:flowmon_os:12.x:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "flowmon_os",
"vendor": "progress",
"versions": [
{
"lessThan": "12.3.5",
"status": "affected",
"version": "12.x",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2389",
"options": [
{
"Exploitation": "PoC"
},
{
"Automatable": "Yes"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-30T04:00:08.691093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:30:21.656Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"product",
"x_transferred"
],
"url": "https://www.flowmon.com"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "11.1.14",
"status": "affected",
"version": "11.X",
"versionType": "semver"
},
{
"lessThan": "12.3.5",
"status": "affected",
"version": "12.X",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rhino Security Labs - David Yesland"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified.\u0026nbsp; An unauthenticated user\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecan\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003egain\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eentry\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esystem\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e via \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eFlowmon\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e management interface, \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallowing\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efor\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eexecution\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eof\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003earbitrary\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esystem\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecommands\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\n\n"
}
],
"value": "In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified.\u00a0 An unauthenticated user\u00a0can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-02T12:37:37.544Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.flowmon.com"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Flowmon Unauthenticated Command Injection Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-2389",
"datePublished": "2024-04-02T12:22:45.131Z",
"dateReserved": "2024-03-11T20:53:42.295Z",
"dateUpdated": "2024-08-01T19:11:53.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-11906 (GCVE-0-2025-11906)
Vulnerability from nvd – Published: 2025-10-30 07:39 – Updated: 2025-10-31 03:55
VLAI?
Summary
A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization.
Severity ?
6.7 (Medium)
CWE
- CWE-732 - Incorrect Permission Assignment for Critical Resource
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
Flowmon 12 versions prior to 12.5.6
(custom)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-11906",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T03:55:28.727Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"status": "affected",
"version": "Flowmon 12 versions prior to 12.5.6",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization."
}
],
"value": "A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization."
}
],
"impacts": [
{
"descriptions": [
{
"lang": "en",
"value": "Manipulating Writeable Configuration Files"
}
]
},
{
"descriptions": [
{
"lang": "en",
"value": "Code Inclusion"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-732",
"description": "CWE-732 Incorrect Permission Assignment for Critical Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T07:39:38.530Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/Progress-Flowmon-CVE-2025-11906"
}
],
"source": {
"discovery": "INTERNAL"
},
"title": "Privilege escalation via writable configuration files in Progress Flowmon",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-11906",
"datePublished": "2025-10-30T07:39:38.530Z",
"dateReserved": "2025-10-17T10:50:29.793Z",
"dateUpdated": "2025-10-31T03:55:28.727Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10240 (GCVE-0-2025-10240)
Vulnerability from nvd – Published: 2025-10-09 12:43 – Updated: 2025-10-10 03:55
VLAI?
Summary
A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session.
Severity ?
8.8 (High)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
Versions prior to 12.5.5
(custom)
|
Credits
This vulnerability was discovered by Novee.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10240",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T03:55:21.833Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"status": "affected",
"version": "Versions prior to 12.5.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability was discovered by Novee."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session."
}
],
"value": "A vulnerability exists in the Progress Flowmon web application prior to version 12.5.5, whereby a user who clicks a malicious link provided by an attacker may inadvertently trigger unintended actions within their authenticated session."
}
],
"impacts": [
{
"capecId": "CAPEC-588",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-588 DOM-Based XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T12:43:40.906Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/Can-CVE-2025-10240-affect-Progress-Flowmon-appliance"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Possibility of unintended actions when a user clicks a malicious link in the Progress Flowmon web application",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10240",
"datePublished": "2025-10-09T12:43:40.906Z",
"dateReserved": "2025-09-10T16:28:15.198Z",
"dateUpdated": "2025-10-10T03:55:21.833Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-10239 (GCVE-0-2025-10239)
Vulnerability from nvd – Published: 2025-10-09 12:42 – Updated: 2025-10-10 03:55
VLAI?
Summary
In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes.
Severity ?
7.2 (High)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
Versions prior to 12.5.5
(custom)
|
Credits
This vulnerability was discovered by Kentaro Kawane.
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10239",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T03:55:22.638Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"status": "affected",
"version": "Versions prior to 12.5.5",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "This vulnerability was discovered by Kentaro Kawane."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes."
}
],
"value": "In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with administrator privileges and access to the management interface to execute additional unintended commands within scripts intended for troubleshooting purposes."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-09T12:42:05.557Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://community.progress.com/s/article/CVE-2025-10239"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unintended command execution via troubleshooting scripts in Progress Flowmon",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2025-10239",
"datePublished": "2025-10-09T12:42:05.557Z",
"dateReserved": "2025-09-10T16:28:09.808Z",
"dateUpdated": "2025-10-10T03:55:22.638Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2389 (GCVE-0-2024-2389)
Vulnerability from nvd – Published: 2024-04-02 12:22 – Updated: 2024-08-01 19:11
VLAI?
Summary
In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified. An unauthenticated user can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.
Severity ?
10 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Progress Software | Flowmon |
Affected:
11.X , < 11.1.14
(semver)
Affected: 12.X , < 12.3.5 (semver) |
Credits
Rhino Security Labs - David Yesland
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:progress:flowmon_os:11.x:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "flowmon_os",
"vendor": "progress",
"versions": [
{
"lessThan": "11.1.14",
"status": "affected",
"version": "11.x",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:progress:flowmon_os:12.x:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "flowmon_os",
"vendor": "progress",
"versions": [
{
"lessThan": "12.3.5",
"status": "affected",
"version": "12.x",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2389",
"options": [
{
"Exploitation": "PoC"
},
{
"Automatable": "Yes"
},
{
"Technical Impact": "Total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-04-30T04:00:08.691093Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:30:21.656Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.536Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"product",
"x_transferred"
],
"url": "https://www.flowmon.com"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "Flowmon",
"vendor": "Progress Software",
"versions": [
{
"lessThan": "11.1.14",
"status": "affected",
"version": "11.X",
"versionType": "semver"
},
{
"lessThan": "12.3.5",
"status": "affected",
"version": "12.X",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rhino Security Labs - David Yesland"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified.\u0026nbsp; An unauthenticated user\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecan\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003egain\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eentry\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e to \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esystem\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e via \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eFlowmon\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e management interface, \u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eallowing\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003efor\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ethe\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eexecution\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eof\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003earbitrary\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003esystem\u003c/span\u003e \u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003ecommands\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e.\u003c/span\u003e\n\n"
}
],
"value": "In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection vulnerability has been identified.\u00a0 An unauthenticated user\u00a0can gain entry to the system via the Flowmon management interface, allowing for the execution of arbitrary system commands.\n\n"
}
],
"impacts": [
{
"capecId": "CAPEC-242",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-242 Code Injection"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 10,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-04-02T12:37:37.544Z",
"orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"shortName": "ProgressSoftware"
},
"references": [
{
"tags": [
"product"
],
"url": "https://www.flowmon.com"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://support.kemptechnologies.com/hc/en-us/articles/24878235038733-CVE-2024-2389-Flowmon-critical-security-vulnerability"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Flowmon Unauthenticated Command Injection Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
"assignerShortName": "ProgressSoftware",
"cveId": "CVE-2024-2389",
"datePublished": "2024-04-02T12:22:45.131Z",
"dateReserved": "2024-03-11T20:53:42.295Z",
"dateUpdated": "2024-08-01T19:11:53.536Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}