CVE-2025-25060

high

Description

Missing authentication for critical function vulnerability exists in AssetView and AssetView CLOUD. If exploited, the files on the server where the product is running may be obtained and/or deleted by a remote unauthenticated attacker.

References

https://www.hammock.jp/assetview/info/250325.html

https://jvn.jp/en/jp/JVN26321838/

Details

Source: Mitre, NVD

Published: 2025-04-02

Updated: 2025-04-02

Risk Information

CVSS v2

Base Score: 8.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:P/A:N

Severity: High

CVSS v3

Base Score: 8.2

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N