CVSS Score of 10 (low)


Published Jun 22, 2023
Updated: Jun 30, 2023
CWE ID 200


CVE-2023-25500 is a vulnerability in Vaadin versions 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, and 24.0.0 to 24.0.6 as well as versions between 24.1.0.alpha1 and 24.1.rc2 that allows potential information disclosure of class and method names in RPC responses by sending modified requests, leading to a risk score of 15 out of a possible maximum of 100 according to the CVSS scoring system used for evaluating vulnerabilities' severity levels.


Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-25500 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options