CVE-2025-1774

Sažetak

Incorrect string encoding vulnerability in NASK - PIB BotSense allows injection of an additional field separator character or value in the content of some fields of the generated event. A field with additional field separator characters or values can be included in the "extraData" field.This issue affects BotSense in versions before 2.8.0.

Reference

https://cert.pl/en/posts/2025/03/CVE-2025-1774/
https://cert.pl/posts/2025/03/CVE-2025-1774/
https://nask.pl/instytut/dla-biznesu/botsense/

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

17-03-2025 - 15:15

Objavljeno

17-03-2025 - 15:15