CVE-2025-11832

EPSS 0.34%
Veröffentlicht 15.10.2025 19:10:33
Zuletzt bearbeitet 07.11.2025 17:49:51
Quelle a0340c66-c385-4f8b-991b-3d05f6
CVE-Watchlists
Login
Unerledigt
Login

APIs Lack Rate Limiting

Allocation of Resources Without Limits or Throttling vulnerability in Azure Access Technology BLU-IC2, Azure Access Technology BLU-IC4 allows Flooding.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

NVD 2 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Azure-access ≫ Blu-ic2 Firmware Version < 1.20

Azure-access ≫ Blu-ic2 Version-

Azure-access ≫ Blu-ic4 Firmware Version < 1.20

Azure-access ≫ Blu-ic4 Version-

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.34%	0.253

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
a0340c66-c385-4f8b-991b-3d05f6fd5220	10	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-770 Allocation of Resources Without Limits or Throttling

The product allocates a reusable resource or group of resources on behalf of an actor without imposing any restrictions on the size or number of resources that can be allocated, in violation of the intended security policy for that actor.

https://azure-access.com/security-advisories

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-11832

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-11832

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-11832

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-11832