CVE-2025-54088

EPSS 0.04%
Veröffentlicht 02.10.2025 20:10:52
Zuletzt bearbeitet 16.10.2025 18:22:01
Quelle SecurityResponse@netmotionsoft
CVE-Watchlists
Login
Unerledigt
Login

CVE-2025-54088 is an open-redirect vulnerability in Secure
Access prior to version 14.10. Attackers with access to the console can
redirect victims to an arbitrary URL. The attack complexity is low, attack
requirements are present, no privileges are required, and users must actively
participate in the attack. Impact to confidentiality is low and there is no
impact to integrity or availability. There are high severity impacts to
confidentiality, integrity, availability in subsequent systems.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Absolute ≫ Secure Access Version < 14.10

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.04%	0.112

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	6.1	2.8	2.7	CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
SecurityResponse@netmotionsoftware.com	5.5	0	0	CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-601 URL Redirection to Untrusted Site ('Open Redirect')

The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.

https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2025-54088

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-54088

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-54088

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-54088

EUVD