CVE-2025-9031

Summary

Observable Timing Discrepancy vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive Web allows Cross-Domain Search Timing.

This issue affects DivvyDrive Web: from 4.8.2.2 before 4.8.2.15.

Affected Software

VendorProductVersion RangeStatus
DivvyDrive Information Technologies Inc.DivvyDrive Web4.8.2.2 < 4.8.2.15affected

Weaknesses

  • CWE-208: CWE-208 Observable Timing Discrepancy
  • CWE-203: CWE-203 Observable Discrepancy

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References