{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-4528", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2025-05-10T05:30:00.544Z", "datePublished": "2025-05-11T03:00:06.849Z", "dateUpdated": "2025-05-12T14:33:36.562Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-05-11T03:00:06.849Z"}, "title": "D\u00edgitro NGC Explorer session expiration", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-613", "lang": "en", "description": "Session Expiration"}]}], "affected": [{"vendor": "D\u00edgitro", "product": "NGC Explorer", "versions": [{"version": "3.44.0", "status": "affected"}, {"version": "3.44.1", "status": "affected"}, {"version": "3.44.2", "status": "affected"}, {"version": "3.44.3", "status": "affected"}, {"version": "3.44.4", "status": "affected"}, {"version": "3.44.5", "status": "affected"}, {"version": "3.44.6", "status": "affected"}, {"version": "3.44.7", "status": "affected"}, {"version": "3.44.8", "status": "affected"}, {"version": "3.44.9", "status": "affected"}, {"version": "3.44.10", "status": "affected"}, {"version": "3.44.11", "status": "affected"}, {"version": "3.44.12", "status": "affected"}, {"version": "3.44.13", "status": "affected"}, {"version": "3.44.14", "status": "affected"}, {"version": "3.44.15", "status": "affected"}]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D\u00edgitro NGC Explorer up to 3.44.15 and classified as problematic. This issue affects some unknown processing. The manipulation leads to session expiration. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "Eine problematische Schwachstelle wurde in D\u00edgitro NGC Explorer bis 3.44.15 gefunden. Betroffen davon ist ein unbekannter Prozess. Durch das Beeinflussen mit unbekannten Daten kann eine session expiration-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N", "baseSeverity": "MEDIUM"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseSeverity": "MEDIUM"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "baseSeverity": "MEDIUM"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "timeline": [{"time": "2025-05-10T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2025-05-10T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2025-05-10T07:35:09.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "j369 (VulDB User)", "type": "reporter"}], "references": [{"url": "https://vuldb.com/?id.308273", "name": "VDB-308273 | D\u00edgitro NGC Explorer session expiration", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.308273", "name": "VDB-308273 | CTI Indicators (IOB, IOC)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.565309", "name": "Submit #565309 | D\u00edgitro NGC Explorer 3.44.15 Improper session token expiration", "tags": ["third-party-advisory"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-12T14:33:25.278396Z", "id": "CVE-2025-4528", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-12T14:33:36.562Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "D\u00edgitro NGC Explorer session expiration", "credits": [{"lang": "en", "type": "reporter", "value": "j369 (VulDB User)"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 4.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 4, "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"}}], "affected": [{"vendor": "D\u00edgitro", "product": "NGC Explorer", "versions": [{"status": "affected", "version": "3.44.0"}, {"status": "affected", "version": "3.44.1"}, {"status": "affected", "version": "3.44.2"}, {"status": "affected", "version": "3.44.3"}, {"status": "affected", "version": "3.44.4"}, {"status": "affected", "version": "3.44.5"}, {"status": "affected", "version": "3.44.6"}, {"status": "affected", "version": "3.44.7"}, {"status": "affected", "version": "3.44.8"}, {"status": "affected", "version": "3.44.9"}, {"status": "affected", "version": "3.44.10"}, {"status": "affected", "version": "3.44.11"}, {"status": "affected", "version": "3.44.12"}, {"status": "affected", "version": "3.44.13"}, {"status": "affected", "version": "3.44.14"}, {"status": "affected", "version": "3.44.15"}]}], "timeline": [{"lang": "en", "time": "2025-05-10T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2025-05-10T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2025-05-10T07:35:09.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/?id.308273", "name": "VDB-308273 | D\u00edgitro NGC Explorer session expiration", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/?ctiid.308273", "name": "VDB-308273 | CTI Indicators (IOB, IOC)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/?submit.565309", "name": "Submit #565309 | D\u00edgitro NGC Explorer 3.44.15 Improper session token expiration", "tags": ["third-party-advisory"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D\u00edgitro NGC Explorer up to 3.44.15 and classified as problematic. This issue affects some unknown processing. The manipulation leads to session expiration. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "de", "value": "Eine problematische Schwachstelle wurde in D\u00edgitro NGC Explorer bis 3.44.15 gefunden. Betroffen davon ist ein unbekannter Prozess. Durch das Beeinflussen mit unbekannten Daten kann eine session expiration-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-613", "description": "Session Expiration"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2025-05-11T03:00:06.849Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-4528", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-12T14:33:25.278396Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2025-05-12T14:33:29.321Z"}}]}, "cveMetadata": {"cveId": "CVE-2025-4528", "state": "PUBLISHED", "dateUpdated": "2025-05-11T03:00:06.849Z", "dateReserved": "2025-05-10T05:30:00.544Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2025-05-11T03:00:06.849Z", "assignerShortName": "VulDB"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in D\u00edgitro NGC Explorer up to 3.44.15 and classified as problematic. This issue affects some unknown processing. The manipulation leads to session expiration. The attack may be initiated remotely. The vendor was contacted early about this disclosure but did not respond in any way."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en D\u00edgitro NGC Explorer hasta la versi\u00f3n 3.44.15, clasificada como problem\u00e1tica. Este problema afecta a algunos procesos desconocidos. La manipulaci\u00f3n provoca la expiraci\u00f3n de la sesi\u00f3n. El ataque podr\u00eda iniciarse remotamente. Se contact\u00f3 al proveedor con antelaci\u00f3n para informarle sobre esta divulgaci\u00f3n, pero no respondi\u00f3."}], "id": "CVE-2025-4528", "lastModified": "2025-05-12T17:32:32.760", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "NONE", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "cna@vuldb.com", "type": "Secondary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "cna@vuldb.com", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cna@vuldb.com", "type": "Secondary"}]}, "published": "2025-05-11T03:15:24.970", "references": [{"source": "cna@vuldb.com", "url": "https://vuldb.com/?ctiid.308273"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?id.308273"}, {"source": "cna@vuldb.com", "url": "https://vuldb.com/?submit.565309"}], "sourceIdentifier": "cna@vuldb.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-613"}], "source": "cna@vuldb.com", "type": "Primary"}]}

{}