← Back

CVE-2025-21403

nvd nist
Published: Jan 14, 2025Modified: Jan 27, 2025

JSON object

Loading...
6.4
Vector
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:N
Exploitability: 1.2 / Impact: 5.2
Source: secure@microsoft.com (Secondary)

Description

On-Premises Data Gateway Information Disclosure Vulnerability

Affected (1)

Microsoft
1 product
On Prem Data Gateway
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
On Prem Data Gateway
Before 3000.246

Related CWEs

CWE-863
Incorrect Authorization
The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References (1)

Source: secure@microsoft.com
PatchVendor Advisory

Timeline

No history available yet.