CVE-2025-11580

Summary

A weakness has been identified in PowerJob up to 5.1.2. This affects the function list of the file /user/list. This manipulation causes missing authorization. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.

Affected Software

VendorProductVersion RangeStatus
n/aPowerJob5.1.0affected
n/aPowerJob5.1.1affected
n/aPowerJob5.1.2affected

Weaknesses

  • CWE-862: Missing Authorization
  • CWE-863: Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

Additional References

References