CVE-2025-21095
4.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Summary
Path traversal may lead to arbitrary file download. The score without least privilege principle violation is as calculated below. In combination with other issues it may facilitate further compromise of the device. Remediation in Version 6.8.0, release date: 01-Mar-25.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Keysight | Ixia Vision Product Family | 6.3.1 | affected |
Weaknesses
- CWE-22: CWE-22 Path Traversal
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://www.cisa.gov/news-events/ics-advisories/icsa-25-063-02
- https://www.keysight.com/us/en/contact.html
- https://support.ixiacom.com/
- https://support.ixiacom.com/support-overview/product-support/downloads-updates
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.