Cross-Privilege Vulnerability in Absolute Secure Access Management Console
CVE-2025-49082

5.1MEDIUM

Key Information:

Vendor
CVE Published:
31 July 2025

What is CVE-2025-49082?

This vulnerability allows attackers with administrative access to Absolute Secure Access's management console to bypass assigned permissions, potentially exposing sensitive settings. Attackers do not need any preconditions to exploit this flaw, emphasizing the importance of securing administrative roles. Although the impact on confidentiality is limited and there's no risk to system integrity or availability, organizations must address this exposure to ensure robust security practices.

Affected Version(s)

Secure Access 0 < 13.56

References

CVSS V4

Score:
5.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • Vulnerability published

.