CVE-2025-49618 - CERT CVE

  1. CVE-2025-49618

ID CVE-2025-49618
Sažetak In Plesk Obsidian 18.0.69, unauthenticated requests to /login_up.php can reveal an AWS accessKeyId, secretAccessKey, region, and endpoint.
Reference
CVSS
Base: 5.8
Impact: 1.4
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
LOW NONE NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
Zadnje važnije ažuriranje 03-07-2025 - 15:13
Objavljeno 03-07-2025 - 13:15