Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.12 views

CVE-2025-15622

Insufficiently Protected Credentials vulnerability in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client reveals plaintext OAuth2 client secretDesktop client decodes the secret and uses the plaintext secret to exchange it into an access and id tokens as part of the OpenID authentication fl...

6.2CVSS5.5AI score0.00155EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/17 9:31 a.m.9 views

EUVD-2025-209512

Insufficiently Protected Credentials vulnerability in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client reveals plaintext OAuth2 client secretDesktop client decodes the secret and uses the plaintext secret to exchange it into an access and id tokens as part of the OpenID authentication fl...

6.2CVSS5.8AI score0.00155EPSS
Exploits0References2
CVE
CVE
added 2026/04/17 8:35 a.m.11 views

CVE-2025-15622

The CVE-2025-15622 vectors/auth flow involve Sparx Systems Pty Ltd. Sparx Enterprise Architect desktop client exposing a plaintext OAuth2 client secret, which the client decodes and uses to exchange for access and ID tokens in the OpenID authentication flow. This is described as an Insufficiently...

6.2CVSS5.8AI score0.00155EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/17 8:35 a.m.31 views

CVE-2025-15622 Sparx Enterprise Architect Client reveals plaintext OAuth2 client secret

Insufficiently Protected Credentials vulnerability in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client reveals plaintext OAuth2 client secretDesktop client decodes the secret and uses the plaintext secret to exchange it into an access and id tokens as part of the OpenID authentication fl...

6.2CVSS0.00155EPSS
Exploits0References1
Rows per page
Query Builder