CVE-2025-2002
CVE-2025-2002
Título es
CVE-2025-2002
Mié, 12/03/2025 – 16:15
Tipo
CWE-532
Gravedad 2.0 Txt
Pendiente de análisis
Título en
CVE-2025-2002
Descripción en
CWE-532: Insertion of Sensitive Information into Log Files vulnerability exists that could cause the disclosure
of FTP server credentials when the FTP server is deployed, and the device is placed in debug mode by an
administrative user and the debug files are exported from the device.
12/03/2025
12/03/2025
Vector CVSS:4.0
CVSS:4.0/AV:L/AC:L/AT:P/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Vector CVSS:3.1
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Gravedad 4.0
4.00
Gravedad 4.0 txt
MEDIUM
Gravedad 3.1 (CVSS 3.1 Base Score)
6.00
Gravedad 3.1 Txt Gravedad 3.1 (CVSS 3.1 Base Score)
MEDIUM
Referencias
https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-070-01&p_enDocType=Security%20and%20Safety%20Notice&p_File_Name=SEVD-2025-070-01.pdf
Enviar en el boletín
Off
