Home

Description

Insufficiently Protected Credentials vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.11.0. The issue is fixed in version 1.12.1. Users are encouraged to upgrade to version 1.13.0, the latest release.

PUBLISHED Reserved 2025-08-25 | Published 2025-12-12 | Updated 2025-12-12 | Assigner apache

Problem types

CWE-522 Insufficiently Protected Credentials

Product status

Default status
unaffected

Any version
affected

1.12.1 (semver)
unaffected

Credits

Peter Chen reporter

Jose Alberto Hernandez remediation developer

Ádám Sághy remediation reviewer

References

www.openwall.com/lists/oss-security/2025/12/11/6

lists.apache.org/thread/d9zpkc86zk265523tfvbr8w7gyr6onoy vendor-advisory

cve.org (CVE-2025-58130)

nvd.nist.gov (CVE-2025-58130)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.