CVE-2025-49152

Summary

The affected products contain JSON Web Tokens (JWT) that do not expire, which could allow an attacker to gain access to the system.

Affected Software

VendorProductVersion RangeStatus
MicrosensNMP Web+0 <= Version 3.2.5affected

Weaknesses

  • CWE-613: CWE-613 Insufficient Session Expiration

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References