exploitDog

CVE-2025-42959

Опубликовано: 08 июл. 2025

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

An unauthenticated attacker may exploit a scenario where a Hashed Message Authentication Code (HMAC) credential, extracted from a system missing specific security patches, is reused in a replay attack against a different system. Even if the target system is fully patched, successful exploitation could result in complete system compromise, affecting confidentiality, integrity, and availability.

Ссылки

EPSS

Процентиль: 35%

0.00143

Низкий

8.1 High

CVSS3

Дефекты

CWE-308

Связанные уязвимости

GHSA-j74w-g6f3-9wr9

CVSS3: 8.1

github

7 месяцев назад

An unauthenticated attacker may exploit a scenario where a Hashed Message Authentication Code (HMAC) credential, extracted from a system missing specific security patches, is reused in a replay attack against a different system. Even if the target system is fully patched, successful exploitation could result in complete system compromise, affecting confidentiality, integrity, and availability.

BDU:2025-10643

CVSS3: 8.1

fstec

7 месяцев назад

Уязвимость программных интеграционных платформ SAP NetWeaver ABAP Server и ABAP Platform, связанная с применением однофакторной аутентификации, позволяющая нарушителю полностью компрометировать систему

EPSS

Процентиль: 35%

0.00143

Низкий

8.1 High

CVSS3

Дефекты

CWE-308