{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2026-30707", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-23T15:31:21.485Z", "dateReserved": "2026-03-04T00:00:00.000Z", "datePublished": "2026-03-17T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-24T17:56:23.713Z"}, "descriptions": [{"lang": "en", "value": "An issue was discovered in SpeedExam Online Examination System (SaaS) after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The provider states that this issue is \"Fixed in [02/2026] backend service update.\""}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/Maarckz/VulnReports/blob/main/SpeedExam%20%28SECOPS.GROUP%29.md"}, {"url": "https://github.com/Maarckz/VulnReports/blob/main/CVE-2026-30707.md"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "CWE-284 Improper Access Control"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-03-18T13:34:17.250379Z", "id": "CVE-2026-30707", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-23T15:31:21.485Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2026-30707", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-18T13:34:17.250379Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "CWE-284 Improper Access Control"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-18T13:36:09.012Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/Maarckz/VulnReports/blob/main/SpeedExam%20%28SECOPS.GROUP%29.md"}, {"url": "https://github.com/Maarckz/VulnReports/blob/main/CVE-2026-30707.md"}], "descriptions": [{"lang": "en", "value": "An issue was discovered in SpeedExam Online Examination System (SaaS) after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The provider states that this issue is \"Fixed in [02/2026] backend service update.\""}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-03-24T17:56:23.713Z"}}}, "cveMetadata": {"cveId": "CVE-2026-30707", "state": "PUBLISHED", "dateUpdated": "2026-04-23T15:31:21.485Z", "dateReserved": "2026-03-04T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-03-17T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in SpeedExam Online Examination System (SaaS) after v.FEV2026. It allows Broken Access Control via the ReviewAnswerDetails ASP.NET PageMethod. Authenticated attackers can bypass client-side restrictions and invoke this method directly to retrieve the full answer key. The provider states that this issue is \"Fixed in [02/2026] backend service update.\""}, {"lang": "es", "value": "Se descubri\u00f3 un problema en SpeedExam Online Examination System (SaaS) despu\u00e9s de la v.FEV2026. Permite un Control de Acceso Roto a trav\u00e9s del PageMethod ASP.NET ReviewAnswerDetails. Atacantes autenticados pueden eludir las restricciones del lado del cliente e invocar este m\u00e9todo directamente para recuperar la clave de respuestas completa."}], "id": "CVE-2026-30707", "lastModified": "2026-03-24T18:16:09.080", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.2, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-03-17T20:16:13.870", "references": [{"source": "cve@mitre.org", "url": "https://github.com/Maarckz/VulnReports/blob/main/CVE-2026-30707.md"}, {"source": "cve@mitre.org", "url": "https://github.com/Maarckz/VulnReports/blob/main/SpeedExam%20%28SECOPS.GROUP%29.md"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-284"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[v.FEV2026,*]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "product": "online_examination_system", "vendor": "speedexam"}], "analysis": {"en": {"generated_at": "2026-03-24T19:40:14.582693+00:00", "value": {"mitigation_remediation": ["Apply the February 2026 backend service update that fixes the ReviewAnswerDetails access control flaw.", "Verify that the update has removed the ability to retrieve full answer keys via the ReviewAnswerDetails method.", "If the patch is not yet available, restrict the ReviewAnswerDetails endpoint to a limited set of trusted administrative accounts and disable any public API access.", "Monitor system logs for abnormal calls to the ReviewAnswerDetails method to detect potential exploitation attempts.", "Stay informed of further vendor advisories and apply any subsequent updates promptly."], "summary": {"action": "Patch Immediately", "impact": "Confidentiality Compromise"}, "threat_synthesis": {"affected_systems": "SpeedExam Online Examination System SaaS versions released after v.FEV2026 are affected. The issue applies to all environments running the unpatched backend service until the February 2026 update is applied.", "description_and_impact": "An authentication bypass vulnerability exists in the SpeedExam Online Examination System, where a manual override of client\u2011side controls on the ReviewAnswerDetails PageMethod exposes the full answer key to authenticated users. The flaw permits attackers with credentials to download every answer key, compromising the confidentiality and integrity of exam content and potentially enabling cheating.", "risk_and_exploitability": "The CVSS base score of 8.1 marks the vulnerability as high severity, and the EPSS score of less than 1% suggests low probability of community exploitation. The flaw requires authenticated access; however, attacker can force the PageMethod to return the entire answer key bypassing client\u2011side checks. Organizations that expose this endpoint to students or generic users face significant risk to exam integrity, and the vulnerability is not listed in the CISA KEV catalog. Prompt remediation is essential."}}}}, "created": "2026-03-18T12:13:35.332831+00:00", "updated": "2026-03-25T11:52:59.115583+00:00", "vendors": ["speedexam", "speedexam$PRODUCT$online_examination_system"]}