CVE-2025-27223

nvd nist nuclei

Published: Oct 27, 2025Modified: Oct 31, 2025

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

TRUfusion Enterprise through 7.10.4.0 exposes the encrypted COOKIEID as an authentication mechanism for some endpoints such as /trufusionPortal/getProjectList. However, the application uses a static key to create the encrypted cookie, ultimately allowing anyone to forge cookies and gain access to sensitive internal information.

Affected (1)

Products: Rocketsoftware: Trufusion Enterprise

1 product

Trufusion Enterprise

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Rocketsoftware Trufusion Enterprise	Up to 7.10.4.0

Related CWEs

Sensitive Cookie Without 'HttpOnly' Flag

The product uses a cookie to store sensitive information, but the cookie is not marked with the HttpOnly flag.

References (3)

https://github.com/MrTuxracer/advisories/blob/master/CVEs/CVE-2025-27223.txt

Source: cve@mitre.org

Third Party Advisory

https://www.rcesecurity.com/2025/09/when-audits-fail-four-critical-pre-auth-vulnerabilities-in-trufusion-enterprise/

Source: cve@mitre.org

ExploitThird Party Advisory

https://www.rocketsoftware.com/products/rocket-b2b-supply-chain-integration/rocket-trufusion-enterprise

Source: cve@mitre.org

Product

Timeline

No history available yet.