VYPR
Medium severity6.5NVD Advisory· Published Mar 22, 2022· Updated Jun 17, 2026

CVE-2022-25518

CVE-2022-25518

Description

In CMDBuild from version 3.0 to 3.3.2 payload requests are saved in a temporary log table, which allows attackers with database access to read the password of the users who login to the application by querying the database table.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • CMDBuild/CMDBuildcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: 3.0 - 3.3.2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.