CVE-2025-54970

An issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service fails to authenticate requests. In some configurations, this may allow remote or local users to abort jobs or read information without the permissions of the job owner...

CVE-2025-54969

BAE Systems SOCET GXP before 4.6.0.2 is affected by CVE-2025-54969 due to the SOCET GXP Job Status Service lacking CSRF protections. An attacker could trick an authenticated user into visiting a malicious link or site and submit requests to the Job Status Service without user knowledge. Documente...

PT-2025-43993

Name of the Vulnerable Software and Affected Versions BAE SOCET GXP versions prior to 4.6.0.2 Description An XSS issue exists in the SOCET GXP Job Status Service. The service does not properly sanitize the job ID parameter before using it in the job status page. An attacker may be able to execute...

BAE Systems SOCET GXP 安全漏洞

BAE Systems SOCET GXP is a high-end geographic information image analysis and mapping software from BAE Systems. A security vulnerability exists in BAE Systems SOCET GXP prior to version 4.6.0.2, which originates from an unauthenticated request from the SOCET GXP Job Status Service, and could cau...

CVE-2025-54963

An issue was discovered in BAE SOCET GXP before 4.6.0.2. An attacker with the ability to interact with the GXP Job Service may submit a crafted job request that grants read access to files on the filesystem with the permissions of the GXP Job Service process. The path to a file is not sanitized f...

BAE Systems SOCET GXP 安全漏洞

BAE Systems SOCET GXP is a high-end geographic information image analysis and mapping software from BAE Systems. A security vulnerability exists in BAE Systems SOCET GXP versions prior to 4.6.0.2 that stems from a failure to clean up file paths, which could lead to a directory traversal attack an...