CVE-2025-1091
Description
CVE-2025-1091: An authenticated user can download IOA script and configuration files from Tenable Identity Exposure if the URL is known.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability Overview
CVE-2025-1091 is a broken authorization vulnerability in Tenable Identity Exposure. Any authenticated user, regardless of their privilege level, can download IOA (Identity Object Awareness) script and configuration files if they know the URL of those files. The root cause is an insufficient authorization check that fails to restrict access to these sensitive resources based on user roles.
Exploitation
Exploitation requires the attacker to be an authenticated user of the Tenable Identity Exposure platform. The attack does not require any special privileges; any account with valid credentials can be used. The attacker must know or guess the specific URL path where IOA scripts and configuration files are stored. This is a low-complexity attack that can be performed over the network, as described in the official advisory [1].
Impact
Successful exploitation allows an attacker to download IOA scripts and configuration files, which may contain sensitive information about the identity exposure setup. This could aid in further attacks or reveal internal configuration details. The CVSS v3 base score is 4.3 (Medium), indicating moderate severity due to the prerequisites of authentication and knowledge of the URL.
Mitigation
Tenable has addressed this vulnerability in Identity Exposure version 3.77.9. Users should upgrade to this version or later to remediate the issue. No workarounds are mentioned in the advisory [1].
AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Patches (0)
No patches discovered yet.
References (1)
News mentions (0)
No linked articles in our index yet.