Search criteria
2 vulnerabilities by SYNCPILOT
CVE-2025-2306 (GCVE-0-2025-2306)
Vulnerability from cvelistv5 – Published: 2025-05-16 12:10 – Updated: 2025-05-16 13:02
VLAI?
Summary
An Improper Access Control vulnerability was
identified in the file download functionality. This vulnerability allows users
to download sensitive documents without authentication, if the URL is known.
The attack
requires the attacker to know the documents UUIDv4.
Severity ?
5.9 (Medium)
CWE
- CWE-284 - Improper Access Control
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SYNCPILOT | LIVE CONTRACT |
Affected:
3 , < 5.4.12
(semver)
Affected: 5.5 , < 5.5.4 (semver) Affected: 5.6 , < 5.6.3 (semver) |
Credits
Felix Schmid <felix.schmid@cirosec.de>
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2306",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T13:02:34.088925Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T13:02:39.876Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LIVE CONTRACT",
"vendor": "SYNCPILOT",
"versions": [
{
"lessThan": "5.4.12",
"status": "affected",
"version": "3",
"versionType": "semver"
},
{
"lessThan": "5.5.4",
"status": "affected",
"version": "5.5",
"versionType": "semver"
},
{
"lessThan": "5.6.3",
"status": "affected",
"version": "5.6",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Felix Schmid \u003cfelix.schmid@cirosec.de\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAn Improper Access Control vulnerability was\nidentified in the file download functionality. This vulnerability allows users\nto download sensitive documents without authentication, if the URL is known.\u003c/p\u003e\n\n\u003cp\u003eThe attack\nrequires the attacker to know the documents UUIDv4.\u003c/p\u003e"
}
],
"value": "An Improper Access Control vulnerability was\nidentified in the file download functionality. This vulnerability allows users\nto download sensitive documents without authentication, if the URL is known.\n\n\n\nThe attack\nrequires the attacker to know the documents UUIDv4."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284 Improper Access Control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T12:10:13.895Z",
"orgId": "a341c0d1-ebf7-493f-a84e-38cf86618674",
"shortName": "cirosec"
},
"references": [
{
"url": "https://www.cirosec.de/sa/sa-2025-004"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to versions\u0026nbsp;5.4.12, 5.5.4, 5.6.3 or higher."
}
],
"value": "Update to versions\u00a05.4.12, 5.5.4, 5.6.3 or higher."
}
],
"source": {
"advisory": "SA-2025-004",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-03-04T23:00:00.000Z",
"value": "Vendor was contacted and informed about the vulnerability via email."
},
{
"lang": "en",
"time": "2025-03-04T23:00:00.000Z",
"value": "Initial response received from vendor. Vendor acknowledged the vulnerability."
},
{
"lang": "en",
"time": "2025-03-12T23:00:00.000Z",
"value": "Vendor informed us that the issue was resolved."
}
],
"title": "Improper Access Control vulnerability in LIVE CONTRACT",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a341c0d1-ebf7-493f-a84e-38cf86618674",
"assignerShortName": "cirosec",
"cveId": "CVE-2025-2306",
"datePublished": "2025-05-16T12:10:13.895Z",
"dateReserved": "2025-03-14T12:24:19.522Z",
"dateUpdated": "2025-05-16T13:02:39.876Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-2305 (GCVE-0-2025-2305)
Vulnerability from cvelistv5 – Published: 2025-05-16 12:09 – Updated: 2025-05-16 13:04
VLAI?
Summary
A Path traversal vulnerability in the file
download functionality was identified. This vulnerability allows
unauthenticated users to download arbitrary files, in the context of the
application server, from the Linux server.
Severity ?
8.6 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| SYNCPILOT | LIVE CONTRACT |
Affected:
3 , < 5.4.12
(semver)
Affected: 5.5 , < 5.5.4 (semver) Affected: 5.6 , < 5.6.3 (semver) |
Credits
Felix Schmid <felix.schmid@cirosec.de>
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2305",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-16T13:04:19.139164Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T13:04:26.030Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "LIVE CONTRACT",
"vendor": "SYNCPILOT",
"versions": [
{
"lessThan": "5.4.12",
"status": "affected",
"version": "3",
"versionType": "semver"
},
{
"lessThan": "5.5.4",
"status": "affected",
"version": "5.5",
"versionType": "semver"
},
{
"lessThan": "5.6.3",
"status": "affected",
"version": "5.6",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Felix Schmid \u003cfelix.schmid@cirosec.de\u003e"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA Path traversal vulnerability in the file\ndownload functionality was identified. This vulnerability allows\nunauthenticated users to download arbitrary files, in the context of the\napplication server, from the Linux server.\u003c/p\u003e"
}
],
"value": "A Path traversal vulnerability in the file\ndownload functionality was identified. This vulnerability allows\nunauthenticated users to download arbitrary files, in the context of the\napplication server, from the Linux server."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-16T12:09:41.347Z",
"orgId": "a341c0d1-ebf7-493f-a84e-38cf86618674",
"shortName": "cirosec"
},
"references": [
{
"url": "https://www.cirosec.de/sa/sa-2025-003"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to versions\u0026nbsp;5.4.12, 5.5.4, 5.6.3 or higher."
}
],
"value": "Update to versions\u00a05.4.12, 5.5.4, 5.6.3 or higher."
}
],
"source": {
"advisory": "SA-2025-004",
"discovery": "EXTERNAL"
},
"timeline": [
{
"lang": "en",
"time": "2025-03-04T23:00:00.000Z",
"value": "Vendor was contacted and informed about the vulnerability via email."
},
{
"lang": "en",
"time": "2025-03-04T23:00:00.000Z",
"value": "Initial response received from vendor. Vendor acknowledged the vulnerability."
},
{
"lang": "en",
"time": "2025-03-12T23:00:00.000Z",
"value": "Vendor informed us that the issue was resolved."
}
],
"title": "Local file inclusion vulnerability in LIVE CONTRACT",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "a341c0d1-ebf7-493f-a84e-38cf86618674",
"assignerShortName": "cirosec",
"cveId": "CVE-2025-2305",
"datePublished": "2025-05-16T12:09:41.347Z",
"dateReserved": "2025-03-14T12:24:17.830Z",
"dateUpdated": "2025-05-16T13:04:26.030Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}