216.73.217.6

CVE-2025-10225

· Published 10/09/2025 13:15 · Modified 10/09/2025 13:15

Labels: CVE-2025-10225 15ede60e-6fda-426e-be9c-e788f151a3772025-09-10CVE-2025-10225CWE-119

Essential information

Published
10/09/2025 13:15
Modified
10/09/2025 13:15
Author
Creator
CVSS
8.7 HIGH (v3) 8.7 HIGH (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) in the OpenSSL-based session module in AxxonSoft Axxon One 2.0.6 and earlier on Windows allows a remote attacker under high load conditions to cause application crashes or unpredictable behavior via triggering memory reallocation errors when handling expired session keys.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
15ede60e-6fda-426e-be9c-e788f151a377
NVD
View on NVD

Affected products (CPE)

ProductCPE
axxonsoft / axxon one cpe:2.3:a:axxonsoft:axxon_one:2.0.6:*:*:*:*:*:*:*
axxonsoft / axxon one cpe:2.3:a:axxonsoft:axxon_one:*:*:*:*:*:*:*:*

References