exploitDog

CVE-2025-11906

Опубликовано: 30 окт. 2025

Источник: nvd

CVSS3: 6.7

EPSS Низкий

Описание

A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization.

Ссылки

https://community.progress.com/s/article/Progress-Flowmon-CVE-2025-11906

EPSS

Процентиль: 2%

0.00014

Низкий

6.7 Medium

CVSS3

Дефекты

CWE-732

Связанные уязвимости

GHSA-g429-pfpf-366c

CVSS3: 6.7

github

3 месяца назад

A vulnerability exists in Progress Flowmon versions prior 12.5.6 where certain system configuration files have incorrect file permissions, allowing a user with access to the default flowmon system user account used for SSH access to potentially escalate privileges to root during service initialization.

EPSS

Процентиль: 2%

0.00014

Низкий

6.7 Medium

CVSS3

Дефекты

CWE-732