CVE-2025-54966

Published: Oct 23, 2025Modified: Oct 28, 2025

4.3

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Exploitability: 2.8 / Impact: 1.4

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue was discovered in BAE SOCET GXP before 4.6.0.2. Some endpoints on the SOCET GXP Job Status Service may return sensitive information in certain situations, including local file paths and SOCET GXP version information.

Affected (1)

Products: Baesystems: Socet Gxp

Baesystems

1 product

Socet Gxp

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Baesystems Socet Gxp	Before 4.6.0.2

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://www.baesystems.com/en-us/product/geospatial-exploitation-products

Source: cve@mitre.org

Product

https://www.geospatialexploitationproducts.com/content/socet-gxp/vulnerabilities-disclosure/#cve-2025-54966

Source: cve@mitre.org

Vendor Advisory

Timeline

No history available yet.