7.1
CVE-2025-25749
- EPSS 0.56%
- Veröffentlicht 11.03.2025 00:00:00
- Zuletzt bearbeitet 07.04.2025 14:06:58
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
An issue in HotelDruid version 3.0.7 and earlier allows users to set weak passwords due to the lack of enforcement of password strength policies.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Digitaldruid ≫ Hoteldruid Version <= 3.0.7
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. 
Login
Login| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.56% | 0.423 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.1 | 1.6 | 5.5 |
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
|
CWE-521 Weak Password Requirements
The product does not require that users should have strong passwords, which makes it easier for attackers to compromise user accounts.
https://www.huyvo.net/post/cve-2025-25749-weak-password-policy-in-hoteldruid-3-0-7