{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2306", "assignerOrgId": "a341c0d1-ebf7-493f-a84e-38cf86618674", "state": "PUBLISHED", "assignerShortName": "cirosec", "dateReserved": "2025-03-14T12:24:19.522Z", "datePublished": "2025-05-16T12:10:13.895Z", "dateUpdated": "2025-05-16T13:02:39.876Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "LIVE CONTRACT", "vendor": "SYNCPILOT", "versions": [{"lessThan": "5.4.12", "status": "affected", "version": "3", "versionType": "semver"}, {"lessThan": "5.5.4", "status": "affected", "version": "5.5", "versionType": "semver"}, {"lessThan": "5.6.3", "status": "affected", "version": "5.6", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Felix Schmid <felix.schmid@cirosec.de>"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>An Improper Access Control vulnerability was\nidentified in the file download functionality. This vulnerability allows users\nto download sensitive documents without authentication, if the URL is known.</p>\n\n<p>The attack\nrequires the attacker to know the documents UUIDv4.</p>"}], "value": "An Improper Access Control vulnerability was\nidentified in the file download functionality. This vulnerability allows users\nto download sensitive documents without authentication, if the URL is known.\n\n\n\nThe attack\nrequires the attacker to know the documents UUIDv4."}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-284", "description": "CWE-284 Improper Access Control", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "a341c0d1-ebf7-493f-a84e-38cf86618674", "shortName": "cirosec", "dateUpdated": "2025-05-16T12:10:13.895Z"}, "references": [{"url": "https://www.cirosec.de/sa/sa-2025-004"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update to versions&nbsp;5.4.12, 5.5.4, 5.6.3 or higher."}], "value": "Update to versions\u00a05.4.12, 5.5.4, 5.6.3 or higher."}], "source": {"advisory": "SA-2025-004", "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2025-03-04T23:00:00.000Z", "value": "Vendor was contacted and informed about the vulnerability via email."}, {"lang": "en", "time": "2025-03-04T23:00:00.000Z", "value": "Initial response received from vendor. Vendor acknowledged the vulnerability."}, {"lang": "en", "time": "2025-03-12T23:00:00.000Z", "value": "Vendor informed us that the issue was resolved."}], "title": "Improper Access Control vulnerability in LIVE CONTRACT", "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-16T13:02:34.088925Z", "id": "CVE-2025-2306", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-16T13:02:39.876Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2306", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-16T13:02:34.088925Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-16T13:02:37.262Z"}}], "cna": {"title": "Improper Access Control vulnerability in LIVE CONTRACT", "source": {"advisory": "SA-2025-004", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Felix Schmid <felix.schmid@cirosec.de>"}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "SYNCPILOT", "product": "LIVE CONTRACT", "versions": [{"status": "affected", "version": "3", "lessThan": "5.4.12", "versionType": "semver"}, {"status": "affected", "version": "5.5", "lessThan": "5.5.4", "versionType": "semver"}, {"status": "affected", "version": "5.6", "lessThan": "5.6.3", "versionType": "semver"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-03-04T23:00:00.000Z", "value": "Vendor was contacted and informed about the vulnerability via email."}, {"lang": "en", "time": "2025-03-04T23:00:00.000Z", "value": "Initial response received from vendor. Vendor acknowledged the vulnerability."}, {"lang": "en", "time": "2025-03-12T23:00:00.000Z", "value": "Vendor informed us that the issue was resolved."}], "solutions": [{"lang": "en", "value": "Update to versions\u00a05.4.12, 5.5.4, 5.6.3 or higher.", "supportingMedia": [{"type": "text/html", "value": "Update to versions&nbsp;5.4.12, 5.5.4, 5.6.3 or higher.", "base64": false}]}], "references": [{"url": "https://www.cirosec.de/sa/sa-2025-004"}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "An Improper Access Control vulnerability was\nidentified in the file download functionality. This vulnerability allows users\nto download sensitive documents without authentication, if the URL is known.\n\n\n\nThe attack\nrequires the attacker to know the documents UUIDv4.", "supportingMedia": [{"type": "text/html", "value": "<p>An Improper Access Control vulnerability was\nidentified in the file download functionality. This vulnerability allows users\nto download sensitive documents without authentication, if the URL is known.</p>\n\n<p>The attack\nrequires the attacker to know the documents UUIDv4.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "a341c0d1-ebf7-493f-a84e-38cf86618674", "shortName": "cirosec", "dateUpdated": "2025-05-16T12:10:13.895Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2306", "state": "PUBLISHED", "dateUpdated": "2025-05-16T13:02:39.876Z", "dateReserved": "2025-03-14T12:24:19.522Z", "assignerOrgId": "a341c0d1-ebf7-493f-a84e-38cf86618674", "datePublished": "2025-05-16T12:10:13.895Z", "assignerShortName": "cirosec"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An Improper Access Control vulnerability was\nidentified in the file download functionality. This vulnerability allows users\nto download sensitive documents without authentication, if the URL is known.\n\n\n\nThe attack\nrequires the attacker to know the documents UUIDv4."}, {"lang": "es", "value": "Se identific\u00f3 una vulnerabilidad de control de acceso inadecuado en la funcionalidad de descarga de archivos. Esta vulnerabilidad permite a los usuarios descargar documentos confidenciales sin autenticaci\u00f3n si se conoce la URL. El ataque requiere que el atacante conozca el UUIDv4 de los documentos."}], "id": "CVE-2025-2306", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "a341c0d1-ebf7-493f-a84e-38cf86618674", "type": "Secondary"}]}, "published": "2025-05-16T13:15:52.307", "references": [{"source": "a341c0d1-ebf7-493f-a84e-38cf86618674", "url": "https://www.cirosec.de/sa/sa-2025-004"}], "sourceIdentifier": "a341c0d1-ebf7-493f-a84e-38cf86618674", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "a341c0d1-ebf7-493f-a84e-38cf86618674", "type": "Secondary"}]}

{}

{}