CVE-2025-13774

Summary

A vulnerability exists in Progress Flowmon ADS versions prior to 12.5.4 and 13.0.1 where an SQL injection vulnerability allows authenticated users to execute unintended SQL queries and commands.

Affected Software

VendorProductVersion RangeStatus
Progress SoftwareFlowmon ADSFlowmon ADS 12 versions prior to 12.5.4affected
Progress SoftwareFlowmon ADSFlowmon ADS 13 versions prior to 13.0.1affected

Weaknesses

  • CWE-89: CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References