CVE-2025-12104

Incorrect Content-Type Header

CVSS 10 CRITICALEPSS 0.4%CWE-1104

In short

The application uses outdated UI libraries that contain known security vulnerabilities, which could allow attackers to exploit weaknesses in these components. This affects certain versions of BLU-IC2 and BLU-IC4 systems.

Technical detail

CWE-1104 addresses use of outdated or vulnerable third-party UI dependencies that may contain exploitable flaws. Affected versions (BLU-IC2 and BLU-IC4 through 1.19.5) have not patched vulnerable library components, potentially enabling remote code execution or unauthorized access depending on the specific vulnerability in the dependency.

Summary generated and translated by AI from the official description.

Outdated and Vulnerable UI Dependencies might potentially lead to exploitation.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Affected products

Azure Access Technology · BLU-IC2 Azure Access Technology · BLU-IC4

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://azure-access.com/security-advisories