CVE-2025-55462

CVE

MediumConfirmedExploit available

A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in …

CVSS

6.5

Medium

EPSS

0.00

Published

2025-01-01

Updated

2025-01-01

Description

A CORS misconfiguration in Eramba Community and Enterprise Editions v3.26.0 allows an attacker-controlled Origin header to be reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials: true. This permits malicious third-party websites to perform authenticated cross-origin requests against the Eramba API, including endpoints like /system-api/login and /system-api/user/me. The response includes sensitive user session data (ID, name, email, access groups), which is accessible to the attacker's JavaScript. This flaw enables full session hijack and data exfiltration without user interaction. Eramba versions 3.23.3 and earlier were tested and appear unaffected. The vulnerability is present in default installations, requiring no custom configuration.

Tags · CWE

Pre-auth

CWE-942

Affected products

Eramba

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Timeline

2025-01-01

Published

2025-01-01

Updated

CVSS 3.1 breakdown

Attack Vector

AV: N

Network (N)

Attack Complexity

AC: L

Low (L)

Privileges Required

PR: N

None (N)

User Interaction

UI: R

Required (R)

Scope

S: U

Unchanged (U)

Confidentiality Impact

C: H

High (H)

Integrity Impact

I: N

None (N)

Availability Impact

A: N

None (N)

Exploit indicators

EPSS

0.000 · p4

Known exploited (KEV)

Known exploits — Сканер-ВС

CVE-2025-55462

github-poc · https://github.com/sibikrish001/CVE-2025-55462

Enterprise

Affected software

Product	Vendor	Status
eramba	*	Tracked

Source databases

CVE

External references

http://eramba.com@https://discussions.eramba.org/t/release-3-28-0/7860