exploitDog

CVE-2025-54968

Опубликовано: 27 окт. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Service does not require authentication. In some configurations, this may allow remote users to submit jobs, or local users to submit jobs that will execute with the permissions of other users.

Ссылки

https://www.baesystems.com/en-us/product/geospatial-exploitation-products
Product
https://www.geospatialexploitationproducts.com/content/socet-gxp/vulnerabilities-disclosure/#cve-2025-54968
Mitigation
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:baesystems:socet_gxp:*:*:*:*:*:*:*:*

Версия до 4.6.0.2 (исключая)

EPSS

Процентиль: 47%

0.00244

Низкий

8.8 High

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-wr27-qc8h-mq4h

CVSS3: 8.8

github

3 месяца назад

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Service does not require authentication. In some configurations, this may allow remote users to submit jobs, or local users to submit jobs that will execute with the permissions of other users.

EPSS

Процентиль: 47%

0.00244

Низкий

8.8 High

CVSS3

Дефекты

CWE-284