•
MEDIUM Severity
CVE-2025-5389
Improper access controls in JeeWMS.
Overview
A critical vulnerability was found in JeeWMS up to 20250504. The issue, originating from improper access controls, affects the function "dogenerateOne2Many" in the file handler. The vulnerability can be exploited remotely.
Technical Details
The vulnerability lies in the "dogenerateOne2Many" function of the component File Handler. It arises from handling access controls improperly, allowing unauthorized remote manipulation.
CVSS Metrics
- Attack vector: NETWORK
- Attack complexity: LOW
- Privileges required: LOW
- Confidentiality impact: LOW
- Integrity impact: LOW
- Availability impact: LOW
Impact
The vulnerability allows attackers to exploit the system remotely. This in turn could lead to unauthorized access and manipulation of data.
Recommendations
It is essential to ensure that all security updates are promptly installed. Regular system audits will help detect potential weak spots.
Threat Metrics
- CVSS_score: 6.3
- Severity: MEDIUM
- Attack vector: NETWORK
- Attack complexity: LOW