exploitDog

CVE-2025-51055

Опубликовано: 06 авг. 2025

Источник: nvd

CVSS3: 8.6

EPSS Низкий

Описание

Insecure Data Storage of credentials has been found in /api_vedo/configuration/config.yml file in Vedo Suite version 2024.17. This file contains clear-text credentials, secret keys, and database information.

Ссылки

http://bottinelli.com
Broken Link
https://github.com/jacopoaugelli/vedo-suite-exploits
Exploit

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:vedo_suite_project:vedo_suite:2024.17:*:*:*:*:*:*:*

EPSS

Процентиль: 9%

0.00032

Низкий

8.6 High

CVSS3

Дефекты

CWE-312

Связанные уязвимости

GHSA-mpm3-wr5w-85gh

CVSS3: 8.6

github

6 месяцев назад

Insecure Data Storage of credentials has been found in /api_vedo/configuration/config.yml file in Vedo Suite version 2024.17. This file contains clear-text credentials, secret keys, and database information.

EPSS

Процентиль: 9%

0.00032

Низкий

8.6 High

CVSS3

Дефекты

CWE-312