3 matches found
CVE-2025-49853
CVE-2025-49853 affects ControlID iDSecure On-premises versions 4.7.48.0 and prior. Root cause is an SQL injection vulnerability that could leak arbitrary information and allow insertion of arbitrary SQL syntax into queries, impacting confidentiality and integrity (CVSS 3.1/4.0 CRITICAL). Remediat...
CVE-2025-49851
The CVE-2025-49851 entry concerns ControlID iDSecure On-premises, affected versions 4.7.48.0 and prior. The root cause is an improper authentication vulnerability that could let an attacker bypass authentication and gain permissions in the product. Public sources in the connected documents corrob...
CVE-2025-49852
CVE-2025-49852 affects ControlID iDSecure On-premises (versions 4.7.48.0 and prior). The root cause is a Server-Side Request Forgery (SSRF) vulnerability that could allow an unauthenticated attacker to retrieve information from other servers. Public advisories (CISA ICS, Red Hat, CVE list, NVD) c...