CVE-2025-25206 (GCVE-0-2025-25206)

Vulnerability from cvelistv5 – Published: 2025-02-14 16:47 – Updated: 2025-02-14 17:28
VLAI?
Summary
eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read sensitive information, including login token or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available.
Severity ?
8.3 (High)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
CWE
  • CWE-89 - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Assigner
References
Impacted products
Vendor Product Version
elabftw elabftw Affected: < 5.1.15
Create a notification for this product.
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-25206",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-14T17:26:47.510895Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-14T17:28:44.566Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "elabftw",
          "vendor": "elabftw",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 5.1.15"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read sensitive information, including login token or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-89",
              "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-14T16:47:04.660Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77gg",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77gg"
        },
        {
          "name": "https://github.com/elabftw/elabftw/releases/tag/5.1.15",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/elabftw/elabftw/releases/tag/5.1.15"
        }
      ],
      "source": {
        "advisory": "GHSA-qffc-rfjh-77gg",
        "discovery": "UNKNOWN"
      },
      "title": "Incorrect input validation could allow an authenticated user to read sensitive information"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-25206",
    "datePublished": "2025-02-14T16:47:04.660Z",
    "dateReserved": "2025-02-03T19:30:53.401Z",
    "dateUpdated": "2025-02-14T17:28:44.566Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-25206\",\"sourceIdentifier\":\"security-advisories@github.com\",\"published\":\"2025-02-14T17:15:19.327\",\"lastModified\":\"2025-08-18T18:23:58.207\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read sensitive information, including login token or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available.\"},{\"lang\":\"es\",\"value\":\"eLabFTW es un cuaderno de laboratorio electr\u00f3nico de c\u00f3digo abierto para laboratorios de investigaci\u00f3n. Antes de la versi\u00f3n 5.1.15, una validaci\u00f3n de entrada incorrecta pod\u00eda permitir que un usuario autenticado leyera informaci\u00f3n confidencial, incluido el token de inicio de sesi\u00f3n u otro contenido almacenado en la base de datos. Esto pod\u00eda provocar una escalada de privilegios si se habilitaban las cookies (configuraci\u00f3n predeterminada). Los usuarios deben actualizar a la versi\u00f3n 5.1.15 de eLabFTW para recibir una soluci\u00f3n. No se conocen workarounds.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L\",\"baseScore\":8.3,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.8,\"impactScore\":5.5},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"security-advisories@github.com\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-89\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:elabftw:elabftw:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"5.1.15\",\"matchCriteriaId\":\"A071E270-6F23-4661-B29D-822485E1BA89\"}]}]}],\"references\":[{\"url\":\"https://github.com/elabftw/elabftw/releases/tag/5.1.15\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77gg\",\"source\":\"security-advisories@github.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-25206\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-02-14T17:26:47.510895Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-14T17:27:30.508Z\"}}], \"cna\": {\"title\": \"Incorrect input validation could allow an authenticated user to read sensitive information\", \"source\": {\"advisory\": \"GHSA-qffc-rfjh-77gg\", \"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 8.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}], \"affected\": [{\"vendor\": \"elabftw\", \"product\": \"elabftw\", \"versions\": [{\"status\": \"affected\", \"version\": \"\u003c 5.1.15\"}]}], \"references\": [{\"url\": \"https://github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77gg\", \"name\": \"https://github.com/elabftw/elabftw/security/advisories/GHSA-qffc-rfjh-77gg\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://github.com/elabftw/elabftw/releases/tag/5.1.15\", \"name\": \"https://github.com/elabftw/elabftw/releases/tag/5.1.15\", \"tags\": [\"x_refsource_MISC\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"eLabFTW is an open source electronic lab notebook for research labs. Prior to version 5.1.15, an incorrect input validation could allow an authenticated user to read sensitive information, including login token or other content stored in the database. This could lead to privilege escalation if cookies are enabled (default setting). Users must upgrade to eLabFTW version 5.1.15 to receive a fix. No known workarounds are available.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-89\", \"description\": \"CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"shortName\": \"GitHub_M\", \"dateUpdated\": \"2025-02-14T16:47:04.660Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-25206\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-14T17:28:44.566Z\", \"dateReserved\": \"2025-02-03T19:30:53.401Z\", \"assignerOrgId\": \"a0819718-46f1-4df5-94e2-005712e83aaa\", \"datePublished\": \"2025-02-14T16:47:04.660Z\", \"assignerShortName\": \"GitHub_M\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.