Skip to main content

CVE-2025-14088

| EUVDEUVD-2025-201415 LOW
Incorrect Privilege Assignment (CWE-266)
2025-12-05 cna@vuldb.com
2.1
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
2.1 LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

5
Severity Changed
Apr 29, 2026 - 01:11 NVD
MEDIUM LOW
CVSS changed
Apr 29, 2026 - 01:11 NVD
6.3 (MEDIUM) 2.1 (LOW)
EUVD ID Assigned
Mar 15, 2026 - 17:08 euvd
EUVD-2025-201415
Analysis Generated
Mar 15, 2026 - 17:08 vuln.today
CVE Published
Dec 05, 2025 - 15:15 nvd
MEDIUM 6.3

DescriptionCVE.org

A vulnerability was determined in ketr JEPaaS up to 7.2.8. Affected by this vulnerability is an unknown functionality of the file /je/load. This manipulation of the argument Authorization causes improper authorization. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.

AnalysisAI

A security vulnerability in ketr JEPaaS (CVSS 6.3). Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor. Affects ketr JEPaaS.

RemediationAI

Monitor vendor channels for patch availability.

Share

CVE-2025-14088 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy