CVE-2025-49082

Medium CVSS: 5.1

CVE-2025-49082 is a vulnerability in the management console
of Absolute Secure Access prior to version 13.56. Attackers with administrative
access to the console and who have been assigned a certain set of permissions
can bypass those permissions to improperly read other settings. The attack
complexity is low, there are no preexisting attack requirements; the privileges
required are high, and there is no user interaction required. The impact to
system confidentiality is low, there is no impact to system availability or
integrity.

Vendor

Absolute

Product

Secure Access

CWE

CWE-276

Yayın Tarihi

2025-07-31 00:15:26

Güncelleme

2025-08-05 20:16:11

Source Identifier

SecurityResponse@netmotionsoftware.com

KEV Date Added

Kategoriler

CWE-276 Secure Access MEDIUM Absolute 2025

Referanslar

https://www.absolute.com/platform/security-information/vulnerability-archive/cve-2025-49082

Benzer Kayıtlar

Medium

CVE-2026-0518

CVE-2026-0518 is a cross-site scripting vulnerability in versions of Secure Access prior to 14.20. An attacker with adm…

Medium

CVE-2026-0519

In Secure Access 12.70 and prior to 14.20, the logging subsystem may write an unredacted authentication token to logs u…

Medium

CVE-2026-0517

CVE-2026-0517 is a denial-of-service vulnerability in versions of Secure Access Server prior to 14.20. An attacker can…

High

CVE-2025-59595

CVE-2025-59595 is an internally discovered denial of service vulnerability in versions of Secure Access prior to 14.12.…

Medium

CVE-2025-59596

CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 to 14.10 that is addr…

Medium

CVE-2025-54088

CVE-2025-54088 is an open-redirect vulnerability in Secure Access prior to version 14.10. Attackers with access to the c…