CVE-2025-62236

EPSS 0.05%
Veröffentlicht 23.10.2025 19:31:15
Zuletzt bearbeitet 31.12.2025 02:34:14
Quelle 9119a7d8-5eab-497f-8521-727c67
CVE-Watchlists
Login
Unerledigt
Login

The Frontier Airlines website has a publicly available endpoint that validates if an email addresses is associated with an account. An unauthenticated, remote attacker could determine valid email addresses, possibly aiding in further attacks.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Flyfrontier ≫ Frontier Airlines Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.05%	0.165

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
9119a7d8-5eab-497f-8521-727c672e3725	6.9	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
9119a7d8-5eab-497f-8521-727c672e3725	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE-204 Observable Response Discrepancy

The product provides different responses to incoming requests in a way that reveals internal state information to an unauthorized actor outside of the intended control sphere.

https://www.cve.org/CVERecord?id=CVE-2025-62236

Third Party Advisory

US Government Resource

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-296-01.json

Third Party Advisory

https://nvd.nist.gov/vuln/detail/CVE-2025-62236

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2025-62236

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2025-62236

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2025-62236