216.73.216.128

CVE-2025-29994

· Published 13/03/2025 12:15 · Modified 13/03/2025 12:15

Labels: CVE-2025-29994 2025-03-13CVE-2025-29994CWE-1390[email protected]

Essential information

Published
13/03/2025 12:15
Modified
13/03/2025 12:15
Author
Creator
CISA KEV
No
CWE

Description

This vulnerability exists in the CAP back office application due to improper authentication check at the API endpoint. An unauthenticated remote attacker with a valid login ID could exploit this vulnerability by manipulating API input parameters through API request URL/payload leading to unauthorized access to other user accounts.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
* / cap cpe:2.3:a:*:cap:*:*:*:*:*:*:*:*

References