Systemic Internal Server Errors in BLU-IC2 and BLU-IC4 by Azure Access
CVE-2025-12515
10CRITICAL
What is CVE-2025-12515?
A systemic internal server error issue has been identified in Azure Access's products, specifically affecting BLU-IC2 and BLU-IC4 versions up to 1.19.5. This can result in HTTP 500 responses, indicating failed requests that may disrupt services and degrade user experience. It's crucial for administrators to assess their systems and implement necessary updates or fixes to mitigate potential disruptions.
Affected Version(s)
BLU-IC2 0 <= 1.19.5
BLU-IC4 0 <= 1.19.5
References
CVSS V4
Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Kevin Schaller
Benjamin Lafois
Alexi Bitsios
Sebastian Toscano
Dominik Schneider