ketr JEPaaS CVE-2025-14694
LOWSeverity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A vulnerability was found in ketr JEPaaS up to 7.2.8. This impacts the function readAllPostil of the file /je/postil/postil/readAllPostil. Performing a manipulation of the argument keyWord results in sql injection. The attack can be initiated remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
AnalysisAI
SQL injection in ketr JEPaaS up to version 7.2.8 allows high-privileged remote attackers to manipulate the keyWord argument in the readAllPostil function (/je/postil/postil/readAllPostil), resulting in limited confidentiality, integrity, and availability impact. Publicly available exploit code exists, though the CVSS score of 2.0 reflects the requirement for high-level privileges (PR:H), significantly limiting real-world exploitation scope.
Technical ContextAI
The vulnerability exists in the readAllPostil function within JEPaaS's postil module, where user-supplied input to the keyWord parameter is inadequately sanitized before being incorporated into SQL queries. This represents a classic SQL injection flaw (CWE-74: Improper Neutralization of Special Elements used in an Output) where an attacker with high-privileged access can craft malicious SQL syntax to bypass intended query logic. The issue affects the endpoint /je/postil/postil/readAllPostil, which appears to handle post-reading operations within the JEPaaS application framework.
Affected ProductsAI
ketr JEPaaS versions up to and including 7.2.8 are affected. The vulnerable code path is specifically the readAllPostil function accessible via the /je/postil/postil/readAllPostil endpoint. Exact CPE information is not available from vendor or NVD data, but the product identifier is ketr JEPaaS with version constraint <=7.2.8.
RemediationAI
Upgrade ketr JEPaaS to a version beyond 7.2.8; however, note that the vendor (ketr) has not responded to disclosure attempts, meaning a patched version may not be officially available. Organizations should contact ketr directly to request a security patch or inquire about the patched version status. As an interim compensating control, restrict network access to the /je/postil/postil/readAllPostil endpoint using web application firewall (WAF) rules or network-level access controls, limiting exposure to only trusted users and systems that require access to this functionality. Additionally, audit database user permissions for the JEPaaS application to ensure the database connection uses a service account with minimal privileges (not administrative credentials), limiting the blast radius if SQL injection is successfully exploited. Given the PR:H requirement, enforce strong authentication and access control policies to minimize accounts with high-privilege levels.
Share
External POC / Exploit Code
Leaving vuln.today