10
CVE-2025-45854
- EPSS 14.37%
- Veröffentlicht 03.06.2025 00:00:00
- Zuletzt bearbeitet 26.08.2025 19:15:40
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Login/server/executeExec of JEHC-BPM 2.0.1 allows attackers to execute arbitrary code via execParams.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 14.37% | 0.942 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| cve@mitre.org | 10 | 3.9 | 6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
|
CWE-862 Missing Authorization
The product does not perform an authorization check when an actor attempts to access a resource or perform an action.