{"vulnerability": "CVE-2025-2504", "sightings": [{"uuid": "815e7ad4-4555-4bff-8cbf-d9335a71c4fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25040", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkoihzqn7p2n", "content": "", "creation_timestamp": "2025-03-18T20:18:40.921398Z"}, {"uuid": "2a0c1633-867a-4446-9ccb-454157044d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25042", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkoihzz5jf26", "content": "", "creation_timestamp": "2025-03-18T20:18:42.226651Z"}, {"uuid": "ae4795e7-f755-41bd-82cb-6858fc34e8a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-2504", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ltb3hekfpm2s", "content": "", "creation_timestamp": "2025-07-06T01:07:42.920485Z"}, {"uuid": "c8202f38-c0b7-4ff8-b77e-b921695f5a9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25045", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnjjsscbai2h", "content": "", "creation_timestamp": "2025-04-24T01:14:47.892637Z"}, {"uuid": "5f3e9d7a-9ccf-4731-9e33-726830eec6a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25046", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnjjssojuq2d", "content": "", "creation_timestamp": "2025-04-24T01:14:49.229304Z"}, {"uuid": "6b3c1c0d-bcd0-45a2-a352-6e81ce0d8060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25044", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lqkbkua5whz2", "content": "", "creation_timestamp": "2025-06-01T12:35:35.014690Z"}, {"uuid": "1f81a508-7d86-441e-a7bf-b327bea38b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25045", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13160", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25045\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a detailed technical error message is returned in a request.  This information could be used in further attacks against the system.\n\ud83d\udccf Published: 2025-04-23T22:23:10.087Z\n\ud83d\udccf Modified: 2025-04-23T22:23:10.087Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7231332", "creation_timestamp": "2025-04-23T23:05:05.000000Z"}, {"uuid": "a9e8eae1-74dd-42aa-9e0e-2110d1d523e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25042", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7980", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25042\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: A vulnerability in the AOS-CX REST interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation could allow an attacker to read encrypted credentials of other users on the switch, potentially leading to further unauthorized access or data breaches.\n\ud83d\udccf Published: 2025-03-18T19:02:02.192Z\n\ud83d\udccf Modified: 2025-03-18T19:27:35.020Z\n\ud83d\udd17 References:\n1. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04818en_us&docLocale=en_US", "creation_timestamp": "2025-03-18T19:48:53.000000Z"}, {"uuid": "970c666d-3f1b-42bc-bd19-eefda1046968", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25040", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7985", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25040\n\ud83d\udd25 CVSS Score: 3.3 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: A vulnerability has been identified in the port ACL functionality of AOS-CX software running on the HPE Aruba Networking CX 9300 Switch Series only and affects: \n\n     - AOS-CX 10.14.xxxx : All patches\n     - AOS-CX 10.15.xxxx : 10.15.1000 and below \nThe vulnerability is specific to traffic originated by the CX 9300 switch platform and could allow an attacker to bypass ACL rules applied to routed ports on egress. As a result, port ACLs are not correctly enforced, which could lead to unauthorized traffic flow and violations of security policies. Egress VLAN ACLs and Routed VLAN ACLs are not affected by this vulnerability.\n\ud83d\udccf Published: 2025-03-18T18:59:54.510Z\n\ud83d\udccf Modified: 2025-03-18T19:24:02.485Z\n\ud83d\udd17 References:\n1. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04818en_us&docLocale=en_US", "creation_timestamp": "2025-03-18T19:49:01.000000Z"}, {"uuid": "13026402-def8-4d26-b8b4-4a8e86cd1885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25048", "type": "seen", "source": "Telegram/6CGzjFKL8BBZ93B4_c4n6USDwm6My37dTeXU4KfyfW6TL8I", "content": "", "creation_timestamp": "2026-01-09T03:04:28.000000Z"}, {"uuid": "85d1dcce-5e34-43a9-b590-7ce2e2801b05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25041", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9960", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25041\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\\SYSTEM (root). A successful exploit could allow the creation of a Denial-of-Service (DoS) condition affecting the Microsoft Windows Operating System. This vulnerability does not affect Linux and Android based clients.\n\ud83d\udccf Published: 2025-04-01T16:45:53.717Z\n\ud83d\udccf Modified: 2025-04-01T16:45:53.717Z\n\ud83d\udd17 References:\n1. https://support.hpe.com/hpesc/public/docDisplay?docId=hpesbnw04841en_us&docLocale=en_US", "creation_timestamp": "2025-04-01T17:32:42.000000Z"}, {"uuid": "25658843-2f65-4eb4-9190-7196e81d133e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25044", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lqknxxxd6z2m", "content": "", "creation_timestamp": "2025-06-01T16:17:30.272720Z"}, {"uuid": "9ba3ddc5-d585-41fc-9f15-d7f6bd0fc3f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25046", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13159", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-25046\n\ud83d\udd25 CVSS Score: 3.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: IBM InfoSphere Information Server 11.7\u00a0DataStage Flow Designer\u00a0\n\ntransmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques.\n\ud83d\udccf Published: 2025-04-23T22:24:43.269Z\n\ud83d\udccf Modified: 2025-04-23T22:24:43.269Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7231333", "creation_timestamp": "2025-04-23T23:05:04.000000Z"}, {"uuid": "5080e665-f6ca-45ee-b477-5585ff596492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25040", "type": "seen", "source": "https://t.me/cvedetector/20605", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25040 - Aruba Networking CX 9300 Switch Series Port ACL Egress Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25040 \nPublished : March 18, 2025, 7:15 p.m. | 1\u00a0hour, 22\u00a0minutes ago \nDescription : A vulnerability has been identified in the port ACL functionality of AOS-CX software running on the HPE Aruba Networking CX 9300 Switch Series only and affects:   \n  \n     - AOS-CX 10.14.xxxx : All patches  \n     - AOS-CX 10.15.xxxx : 10.15.1000 and below   \nThe vulnerability is specific to traffic originated by the CX 9300 switch platform and could allow an attacker to bypass ACL rules applied to routed ports on egress. As a result, port ACLs are not correctly enforced, which could lead to unauthorized traffic flow and violations of security policies. Egress VLAN ACLs and Routed VLAN ACLs are not affected by this vulnerability. \nSeverity: 3.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T21:55:40.000000Z"}, {"uuid": "6e75aeb0-cf98-420c-9f8a-b84c1454a072", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25046", "type": "seen", "source": "https://t.me/cvedetector/23624", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25046 - IBM InfoSphere Information Server DataStage Flow Designer Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-25046 \nPublished : April 23, 2025, 11:15 p.m. | 1\u00a0hour, 8\u00a0minutes ago \nDescription : IBM InfoSphere Information Server 11.7\u00a0DataStage Flow Designer\u00a0  \n  \ntransmits sensitive information via URL or query parameters that could be exposed to an unauthorized actor using man in the middle techniques. \nSeverity: 3.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T03:01:44.000000Z"}, {"uuid": "5199e830-3ad0-4bf3-8db8-35029ca996b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25045", "type": "seen", "source": "https://t.me/cvedetector/23625", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25045 - IBM InfoSphere Information Server Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2025-25045 \nPublished : April 23, 2025, 11:15 p.m. | 1\u00a0hour, 8\u00a0minutes ago \nDescription : IBM InfoSphere Information 11.7 Server authenticated user to obtain sensitive information when a detailed technical error message is returned in a request.  This information could be used in further attacks against the system. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T03:01:45.000000Z"}, {"uuid": "94b9b3c9-fa0c-47b4-963e-a9047fecc7ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25042", "type": "seen", "source": "https://t.me/cvedetector/20606", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25042 - \"Aruba AOS-CX Information Disclosure Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2025-25042 \nPublished : March 18, 2025, 7:15 p.m. | 1\u00a0hour, 22\u00a0minutes ago \nDescription : A vulnerability in the AOS-CX REST interface could allow an authenticated remote attacker with low privileges to view sensitive information. Successful exploitation could allow an attacker to read encrypted credentials of other users on the switch, potentially leading to further unauthorized access or data breaches. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T21:55:41.000000Z"}, {"uuid": "1a155617-7056-4341-8ecb-c127ce1dfd39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-25041", "type": "seen", "source": "https://t.me/cvedetector/21778", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-25041 - Aruba Networking VIA Client File Overwrite Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-25041 \nPublished : April 1, 2025, 5:15 p.m. | 15\u00a0minutes ago \nDescription : A vulnerability in the HPE Aruba Networking Virtual Intranet Access (VIA) client could allow malicious users to overwrite arbitrary files as NT AUTHORITY\\SYSTEM (root). A successful exploit could allow the creation of a Denial-of-Service (DoS) condition affecting the Microsoft Windows Operating System. This vulnerability does not affect Linux and Android based clients. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-01T19:44:19.000000Z"}]}