216.73.217.176

CVE-2025-4375

· Published 09/05/2025 06:15 · Modified 09/05/2025 06:15

Labels: CVE-2025-4375 2025-05-09CVE-2025-4375CWE-352db4dfee8-a97e-4877-bfae-eba6d14a2166

Essential information

Published
09/05/2025 06:15
Modified
09/05/2025 06:15
Author
Creator
CVSS
6.9 MEDIUM (v3) 6.9 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Cross-Site Request Forgery (CSRF) vulnerability in Sparx Systems Pro Cloud Server allows Cross-Site Request Forgery to perform Session Hijacking. Cross-Site Request Forgery is present at the whole application but it can be used to change the Pro Cloud Server Configuration password. This issue affects Pro Cloud Server: earlier than 6.0.165.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
db4dfee8-a97e-4877-bfae-eba6d14a2166
NVD
View on NVD

Affected products (CPE)

ProductCPE
sparx systems / pro cloud server cpe:2.3:a:sparx_systems:pro_cloud_server:<6.0.165:*:*:*:*:*:*:*

References