Telemessage
CVE-2025-48928
MEDIUM
Severity by source
AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025.
AnalysisAI
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be. Rated medium severity (CVSS 4.0), this vulnerability is no authentication required, low attack complexity. Actively exploited in the wild (cisa kev) and no vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-528. The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap content is roughly equivalent to a "core dump" in which a password previously sent over HTTP would be included in this dump, as exploited in the wild in May 2025. Affected products include: Smarsh Telemessage. Version information: through 2025.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Telemessage
View allThe TeleMessage archiving backend through 2025-05-05 accepts API calls (to request an authentication token) from the TM
The TeleMessage service through 2025-05-05 relies on MD5 for password hashing, which opens up various attack possibiliti
The TeleMessage service through 2025-05-05 stores certain cleartext information in memory, even though memory content ma
The TeleMessage service through 2025-05-05 implements authentication through a long-lived credential (e.g., not a token
The TeleMessage service through 2025-05-05 configures Spring Boot Actuator with an exposed heap dump endpoint at a /heap
The admin panel in the TeleMessage service through 2025-05-05 allows attackers to discover usernames, e-mail addresses,
The TeleMessage service through 2025-05-05 relies on the client side (e.g., the TM SGNL app) to do MD5 hashing, and then
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today