How to fix CVE-2025-6056?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is Ergon Informatik AG's Airlock IAM affected by CVE-2025-6056?

CVE-2025-6056 presents notable security risk rated CVSS 6.9. Exploitation could compromise the security of affected deployments. Organizations should apply vendor updates when available and monitor for exploitation.

Ergon Informatik AG's Airlock IAM CVE-2025-6056

EUVD-2025-19964 MEDIUM

Observable Discrepancy (CWE-203)

2025-07-04 [email protected]

Information Disclosure

6.9

CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Lifecycle Timeline

Analysis Generated

Mar 16, 2026 - 02:42 vuln.today

EUVD ID Assigned

Mar 16, 2026 - 02:42 euvd

EUVD-2025-19964

CVE Published

Jul 04, 2025 - 12:15 nvd

MEDIUM 6.9

DescriptionNVD

Timing difference in password reset in Ergon Informatik AG's Airlock IAM 7.7.9, 8.0.8, 8.1.7, 8.2.4 and 8.3.1 allows unauthenticated attackers to enumerate usernames.

AnalysisAI

CVE-2025-6056 is a security vulnerability (CVSS 6.9) that allows unauthenticated attackers. Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor.

RemediationAI

Monitor vendor channels for patch availability.

CVE-2025-6056 vulnerability details – vuln.today

Back