How to fix EUVD-2025-19055?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

EUVD-2025-19055

| CVE-2025-5087 MEDIUM

Cleartext Transmission of Sensitive Information (CWE-319)

2025-06-24 [email protected]

Information Disclosure

6.0

CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Attack Vector

Network

Attack Complexity

High

Privileges Required

None

User Interaction

Lifecycle Timeline

Patch available

Apr 16, 2026 - 05:29 EUVD

4.0

Analysis Generated

Mar 15, 2026 - 22:36 vuln.today

EUVD ID Assigned

Mar 15, 2026 - 22:36 euvd

EUVD-2025-19055

CVE Published

Jun 24, 2025 - 19:15 nvd

MEDIUM 6.0

DescriptionNVD

Kaleris NAVIS N4 ULC (Ultra Light Client) communicates insecurely using zlib-compressed data over HTTP. An attacker capable of observing network traffic between Ultra Light Clients and N4 servers can extract sensitive information, including plaintext credentials.

Analysis

Technical ContextAI

Information disclosure occurs when an application inadvertently reveals sensitive data to unauthorized actors through error messages, logs, or improper access controls. This vulnerability is classified as Cleartext Transmission of Sensitive Information (CWE-319).

RemediationAI

Implement proper access controls. Sanitize error messages in production. Review logging practices to avoid capturing sensitive data.

EUVD-2025-19055 vulnerability details – vuln.today

Back

EUVD-2025-19055

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

Analysis

Technical ContextAI

RemediationAI

Share

External POC / Exploit Code