CVE-2025-30064

Possibility to generate a session for any user via the "ex:action" parameter after obtaining access to the JWT key

CVSS 8.8 HIGHEPSS 0.1%CWE-347 CWE-912

Vexday Risk Score

21Bajo

Decisión SSVC (CISA)

Track

Sin señal de explotación → monitorear

CVSS 8.8EPSS 0.1%KEV nãoPoC —Nuclei —Metasploit —Patch —

Ciclo de vida

27 ago 2025Publicada en NVD

Recomendación: Monitorear — sin señal de explotación por ahora.

An insufficiently secured internal function allows session generation for arbitrary users. The decodeParam function checks the JWT but does not verify which signing algorithm was used. As a result, an attacker can use the "ex:action" parameter in the VerifyUserByThrustedService function to generate a session for any user.

CVSS:4.0/AV:L/AC:H/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Productos afectados

CGM · CGM CLININET

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://cert.pl/en/posts/2025/08/CVE-2025-2313/