CVE-2025-59745

EPSS 0.02%
Veröffentlicht 02.10.2025 15:15:54
Zuletzt bearbeitet 02.10.2025 19:45:31
Quelle cve-coordination@incibe.es
Teams Watchlist Login
Unerledigt Login

Vulnerability in the cryptographic algorithm of AndSoft's e-TMS v25.03, which uses MD5 to encrypt passwords. MD5 is a cryptographically vulnerable hash algorithm and is no longer considered secure for storing or transmitting passwords. It is vulnerable to collision attacks and can be easily cracked with modern hardware, exposing user credentials to potential risks.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Andsoft ≫ E-tms Version25.03

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.02%	0.029

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cve-coordination@incibe.es	6.9	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CWE-327 Use of a Broken or Risky Cryptographic Algorithm

The product uses a broken or risky cryptographic algorithm or protocol.

https://www.incibe.es/en/incibe-cert/notices/aviso/update-24092025-multiple-vulnerabilities-andsofts-e-tms

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-59745

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-59745

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-59745

EUVD