CVE-2025-48881
Valtimo backend libraries allows objects in the object-api to be accessed and modified by unauthorized users
描述
### Impact All objects for which an object-management configuration exists can be listed, viewed, edited, created or deleted by unauthorised users. If object-urls are exposed via other channels, the contents of these objects can be viewed independent of object-management configurations. ### Attack requirements The following conditions have to be met in order to perform this attack: - A user must be logged in - No relevant application roles are required - At least one object-type must be configured via object-management - The scope of the attack is limited to objects that are configured via object-management. - The value of `showInDataMenu` is irrelevant for this attack ### Patches This issue was patched in version 12.13.0.RELEASE. ### Workarounds It is possible to override the endpoint security as defined in `ObjectenApiHttpSecurityConfigurer` and `ObjectManagementHttpSecurityConfigurer`. Depending on the implementation, this could result in loss of functionality.
如何修補 CVE-2025-48881
目前尚未發布修補版本。可考慮移除受影響套件,或參考下方連結中的上游建議。
- —未列出修補版本
- —未列出修補版本
CVE-2025-48881 正在被利用嗎?
低 — EPSS 為 0.2%,目前沒有觀察到大規模利用活動。
受影響套件(2)
- >= 11.0.0.RELEASE, <= 11.3.3.RELEASE
- >= 11.0.0.RELEASE, <= 11.3.3.RELEASE
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH8.3 | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L |
參考連結(4)
- ADVISORYnvd.nist.gov/vuln/detail/CVE-2025-48881
- PATCHgithub.com/valtimo-platform/valtimo-backend-libraries
- WEBgithub.com/valtimo-platform/valtimo-backend-libraries/commit/6ab04b30d3dab816bfea32d40ba50e5dd4517272
- WEBgithub.com/valtimo-platform/valtimo-backend-libraries/security/advisories/GHSA-965r-9cg9-g42p