Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable web app, low complexity, any authenticated user (PR:L), no user interaction; broken object authorization discloses attachments so C:H, I:N, A:N.
Primary rating from Vendor (flexera).
CVSS VectorVendor: flexera
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
A security vulnerability has been identified in FlexNet Manager Suite 2025 R1 and R2 that could allow unauthorized access to attachment files due to insufficient access control.
AnalysisAI
Unauthorized attachment file access in Flexera FlexNet Manager Suite 2025 R1 and R2 allows authenticated low-privileged users to retrieve attachment files belonging to other tenants or users due to insufficient access control enforcement. No public exploit identified at time of analysis, and the issue is not on the CISA KEV list, but the CVSS 4.0 base score of 7.1 reflects meaningful confidentiality impact over the network with low privileges required. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires (1) network reachability to the FlexNet Manager Suite web application or API, (2) valid authenticated credentials at any privilege level (PR:L in the CVSS 4.0 vector - a guest or read-only SAM account is sufficient; anonymous attackers cannot exploit it), and (3) the target FNMS deployment running release 2025 R1 or 2025 R2 with attachment storage enabled and populated. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | Risk signals are mixed. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained any low-privileged FNMS account - for example via a stolen helpdesk credential, a contractor login, or insider abuse - authenticates to the web application and issues attachment-retrieval requests referencing object identifiers belonging to other users, organizations, or business units. Because the server checks only that the session is authenticated rather than that the principal owns the specific attachment, it returns the sensitive document (contracts, license keys, procurement evidence). … |
| Remediation | Patch availability is per vendor advisory - consult Flexera's notice at https://community.flexera.com/s/feed/0D5PL00000ssjNi0AI for the specific fixed build for FNMS 2025 R1 and R2 and apply it on all FNMS application servers; no exact fix version is reproduced in the input data, so administrators should confirm the target build directly with Flexera support before rollout. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Identify all deployed FNMS 2025 R1 and R2 instances and catalog user roles with attachment access. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Flexnet Manager Suite
View allAn error when handling certain external commands and services related to the FlexNet Inventory Agent and FlexNet Beacon
Privilege escalation in Flexera FlexNet Manager Suite 2025 R1 allows an authenticated user holding only read-only access
Same weakness CWE-284 – Improper Access Control
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-38021
GHSA-8vqp-qfpf-cm68