How to fix EUVD-2025-19964?

Within 30 days: Identify affected systems and apply vendor patches as part of regular patch cycle. Monitor vendor channels for patch availability.

Is Ergon Informatik AG's Airlock IAM affected by EUVD-2025-19964?

CVE-2025-6056 presents notable security risk rated CVSS 6.9. Exploitation could compromise the security of affected deployments. Organizations should apply vendor updates when available and monitor for exploitation.

Ergon Informatik AG's Airlock IAM EUVD-2025-19964

| CVE-2025-6056 MEDIUM

Observable Discrepancy (CWE-203)

2025-07-04 [email protected]

Information Disclosure

6.9

CVSS 4.0

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Lifecycle Timeline

Analysis Generated

Mar 16, 2026 - 02:42 vuln.today

EUVD ID Assigned

Mar 16, 2026 - 02:42 euvd

EUVD-2025-19964

CVE Published

Jul 04, 2025 - 12:15 nvd

MEDIUM 6.9

DescriptionNVD

Timing difference in password reset in Ergon Informatik AG's Airlock IAM 7.7.9, 8.0.8, 8.1.7, 8.2.4 and 8.3.1 allows unauthenticated attackers to enumerate usernames.

AnalysisAI

CVE-2025-6056 is a security vulnerability (CVSS 6.9) that allows unauthenticated attackers. Remediation should follow standard vulnerability management procedures.

Technical ContextAI

Vulnerability type not specified by vendor.

RemediationAI

Monitor vendor channels for patch availability.

EUVD-2025-19964 vulnerability details – vuln.today

Back