Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
Authorization Bypass vulnerability in Creartia's ICMS software could allow an attacker to gain unauthorized access to protected features by manipulating the HTTP redirect headers of the login process, causing the script to continue running and enabling privilege escalation without the need for credentials.
AnalysisAI
Authorization bypass in Creartia's ICMS content management system allows remote unauthenticated attackers to gain unauthorized access to protected features and escalate privileges by manipulating HTTP redirect headers during the login process. The vulnerability has a CVSS 9.3 score and vendor patches are available through INCIBE advisory.
Technical ContextAI
The vulnerability affects Creartia Internet Consulting's ICMS (Internet Content Management System) software, identified by CPE cpe:2.3:a:creartia_internet_consulting:icms_content_management. The root cause is CWE-288 (Authentication Bypass Using an Alternate Path or Channel), where the application fails to properly validate authentication state after processing redirect headers. When login redirect headers are manipulated, the authentication script continues execution despite the redirect, allowing attackers to bypass authentication checks and access protected functionality.
RemediationAI
Apply the vendor patch available through the INCIBE advisory at https://www.incibe.es/en/incibe-cert/notices/aviso/authorization-bypass-icms-content-management-creartia-internet-consulting. The advisory confirms patches are available but does not specify exact fixed version numbers. As an interim mitigation, restrict network access to the ICMS login interface to trusted IP ranges only, though this may impact legitimate remote users. Monitor authentication logs for suspicious redirect manipulation attempts. Consider implementing a Web Application Firewall rule to detect and block requests with malformed redirect headers targeting the login endpoint.
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-30762
GHSA-gg2r-86qc-9w57