CVE-2025-2311

Summary

Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information via API Event Monitoring.

This issue affects SecHard: before 3.3.0.20220411.

Affected Software

VendorProductVersion RangeStatus
Sechard Information TechnologiesSecHard0 < 3.3.0.20220411affected

Weaknesses

  • CWE-648: CWE-648 Incorrect Use of Privileged APIs
  • CWE-319: CWE-319 Cleartext Transmission of Sensitive Information
  • CWE-522: CWE-522 Insufficiently Protected Credentials

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References