CVE-2025-54924 | THREATINT

Description

CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists that could cause unauthorized access to sensitive data when an attacker sends a specially crafted document to a vulnerable endpoint.

PUBLISHED Reserved 2025-08-01 | Published 2025-08-20 | Updated 2025-08-20 | Assigner schneider

HIGH: 7.5CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-918 Server-Side Request Forgery (SSRF)

Product status

Default status

unaffected

Version 2022

affected

Version 2023

affected

Version 2024

affected

Version 2024 R2

affected

Default status

unaffected

Version 2022 w/ Advanced Reporting Module

affected

Version 2024 w/ Advanced Reporting Module

affected

References

download.schneider-electric.com/...Name=SEVD-2025-224-02.pdf

cve.org (CVE-2025-54924)

nvd.nist.gov (CVE-2025-54924)

Download JSON