- Description
- A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Reference (IDOR) vulnerability in the Issuetrak audit component. The vulnerability enables unauthorized access to sensitive information, including user details, network and hardware information, installed programs, running processes, drives, and printers. Due to improper access controls, an attacker can retrieve audit data belonging to other users, potentially leading to unauthorized data exposure, privacy violations, and security risks.
- Source
- b7efe717-a805-47cf-8e9a-921fca0ce0ce
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 7.7
- Impact score
- 4
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
- b7efe717-a805-47cf-8e9a-921fca0ce0ce
- CWE-639
- Hype score
- Not currently trending
CVE-2025-2271 (CVSS:7.7, HIGH) is Awaiting Analysis. A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other..https://t.co/iQ8gIJOGd9 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
18 Mar 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
๐จ CVE-2025-2271 ๐ด HIGH (7.7) ๐ข issuetrak - audit ๐๏ธ Issuetrak 17.2.2 and prior ๐ https://t.co/WQO6xyLpyo #CyberCron #VulnAlert #InfoSec https://t.co/wPW79VjxyE
@cybercronai
14 Mar 2025
13 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-2271 A vulnerability exists in Issuetrak v17.2.2 and prior that allows a low-privileged user to access audit results of other users by exploiting an Insecure Direct Object Rโฆ https://t.co/FDWdIG9y55
@CVEnew
13 Mar 2025
307 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes