CVE-2025-35114

High CVSS: 8.7

Agiloft Release 28 contains several accounts with default credentials that could allow local privilege escalation. The password hash is known for at least one of the accounts and the credentials could be cracked offline. Users should upgrade to Agiloft Release 30.

Vendor

Atlassian

Product

Agiloft

CWE

CWE-1392

Yayın Tarihi

2025-08-26 23:15:35

Güncelleme

2025-09-02 17:58:00

Source Identifier

9119a7d8-5eab-497f-8521-727c672e3725

KEV Date Added

Kategoriler

CWE-1392 Agiloft HIGH Atlassian 2025

Referanslar

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-239-01.json https://wiki.agiloft.com/display/HELP/What%27s+New%3A+CVE+Resolution https://www.cve.org/CVERecord?id=CVE-2025-35114

Benzer Kayıtlar

High

CVE-2026-21569

This High severity XXE (XML External Entity Injection) vulnerability was introduced in version 7.1.0 of Crowd Data Cente…

Medium

CVE-2025-22176