CVE-2025-46579 - CERT CVE

  1. CVE-2025-46579

ID CVE-2025-46579
Sažetak There is a DDE injection vulnerability in the GoldenDB database product. Attackers can inject DDE expressions through the interface, and when users download and open the affected file, the DDE commands can be executed.
Reference
CVSS
Base: 8.4
Impact: 6.0
Exploitability:1.7
Pristup
VektorSloženostAutentikacija
NETWORK LOW HIGH
Impact
PovjerljivostCjelovitostDostupnost
HIGH HIGH HIGH
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H
Zadnje važnije ažuriranje 29-04-2025 - 13:52
Objavljeno 27-04-2025 - 02:15