CVE-2025-30398
8.1
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N/E:U/RL:O/RC:C
Summary
Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Microsoft | Nuance PowerScribe 360 version 4.0.1 | 4.0.1 < 7.0.111.66 | affected |
| Microsoft | Nuance PowerScribe 360 version 4.0.2 | 4.0.2 < 7.0.154.16 | affected |
| Microsoft | Nuance PowerScribe 360 version 4.0.3 | 4.0.3 < 7.0.197.8 | affected |
| Microsoft | Nuance PowerScribe 360 version 4.0.4 | 4.0.4 < 7.0.212.9 | affected |
| Microsoft | Nuance PowerScribe 360 version 4.0.5 | 4.0.5 < 7.0.243.17 | affected |
| Microsoft | Nuance PowerScribe 360 version 4.0.6 | 4.0.6 < 7.0.277.26 | affected |
| Microsoft | Nuance PowerScribe 360 version 4.0.7 | 4.0.7 < 7.0.316.9 | affected |
| Microsoft | Nuance PowerScribe 360 version 4.0.8 | 4.0.8 < 7.0.427.13 | affected |
| Microsoft | Nuance PowerScribe 360 version 4.0.9 | 4.0.9 < 7.0.528.18 | affected |
| Microsoft | Nuance PowerScribe One version 2019.1 | 2019.1 < 2019.1.96.5 | affected |
| Microsoft | Nuance PowerScribe One version 2019.10 | 2019.10 < 2019.10.36.4 | affected |
| Microsoft | Nuance PowerScribe One version 2019.2 | 2019.2 < 2019.2.9.8 | affected |
| Microsoft | Nuance PowerScribe One version 2019.3 | 2019.3 < 2019.3.16.20 | affected |
| Microsoft | Nuance PowerScribe One version 2019.4 | 2019.4 < 2019.4.9.16 | affected |
| Microsoft | Nuance PowerScribe One version 2019.5 | 2019.5 < 2019.5.14.39 | affected |
| Microsoft | Nuance PowerScribe One version 2019.6 | 2019.6 < 2019.6.36.39 | affected |
| Microsoft | Nuance PowerScribe One version 2019.7 | 2019.7 < 2019.7.107.21 | affected |
| Microsoft | Nuance PowerScribe One version 2019.8 | 2019.8 < 2019.8.43.15 | affected |
| Microsoft | Nuance PowerScribe One version 2019.9 | 2019.9 < 2019.9.31.19 | affected |
| Microsoft | PowerScribe One version 2023.1 SP2 Patch 7 | 2023.1 < 2023.2.3027.0 | affected |
Weaknesses
- CWE-862: CWE-862: Missing Authorization
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.