CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-24527: An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an admin knows another tenant's 128-bit connector GUID,...

8.0 CVSS

Description

An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an admin knows another tenant's 128-bit connector GUID, they can execute debug commands on that connector.

Classification

CVE ID: CVE-2025-24527

CVSS Base Severity: HIGH

CVSS Base Score: 8.0

Affected Products

Vendor: Akamai

Product: Enterprise Application Access

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.04% (probability of being exploited)

EPSS Percentile: 11.77% (scored less or equal to compared to others)

EPSS Date: 2025-02-28 (when was this score calculated)

References

https://techdocs.akamai.com/eaa/changelog
https://techdocs.akamai.com/eaa/changelog/january-29-2024

Timeline

2025-01-30 08:58:50 UTC
CVE

An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an admin knows another tenant's 128-bit connector GUID,...