CVE-2025-66573
6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N
Summary
Solstice Pod API (version 5.5, 6.2) contains an unauthenticated API endpoint (/api/config) that exposes sensitive information such as the session key, server version, product details, and display name. Unauthorized users can extract live session information by accessing this endpoint without authentication.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| mersive | Solstice Pod API | 5.5 | affected |
| mersive | Solstice Pod API | 6.2 | affected |
Weaknesses
- CWE-319: CWE-319 Cleartext Transmission of Sensitive Information
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: yes
- Technical Impact: partial
Additional References
References
- https://www.exploit-db.com/exploits/52104
- https://www.mersive.com/
- https://documentation.mersive.com/en/solstice/about-solstice.html
- https://www.vulncheck.com/advisories/solstice-pod-api-session-key-extraction-via-api-endpoint
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.