CVE-2025-2271

CVSS 3.1 Score 8.5 of 10 (high)

Details

Published Mar 13, 2025

CWE ID 89

Summary

CVE-2025-2271 is a vulnerability affecting Issuetrak versions 17.2.2 and older. This issue involves an Insecure Direct Object Reference (IDOR) in the Issuetrak audit component, which allows a low-privileged user to gain unauthorized access to audit results of other users. The vulnerability exposes sensitive information, such as user details, network and hardware information, installed programs, running processes, drives, and printers. Due to insufficient access controls, an attacker can potentially gain unauthorized access to data, leading to privacy violations, data exposure, and increased security risks.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

WordPress

Advisories, Assessments, and Mitigations

https://app.recordedfuture.com/live/sc/entity/2RZsg0
https://www.cve.org/CVERecord?id=CVE-2025-2271
https://nvd.nist.gov/vuln/detail/CVE-2025-2271

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Stimmen aus Moskau: Russian Influence Operations Target German Elections

2024 Malicious Infrastructure Report

2024 Annual Report

Know What Matters

For Customers

For Partners

CVE-2025-2271

CVSS 3.1 Score 8.5 of 10 (high)

Details

Summary

Affected Vendors

Advisories, Assessments, and Mitigations