CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-25060: Missing authentication for critical function vulnerability exists in AssetView and AssetView CLOUD. If exploited, the files on the server where the...

8.2 CVSS

Description

Missing authentication for critical function vulnerability exists in AssetView and AssetView CLOUD. If exploited, the files on the server where the product is running may be obtained and/or deleted by a remote unauthenticated attacker.

Classification

CVE ID: CVE-2025-25060

CVSS Base Severity: HIGH

CVSS Base Score: 8.2

CVSS Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N

Problem Types

Missing authentication for critical function

Affected Products

Vendor: Hammock Corporation, Hammock Corporation, Hammock Corporation

Product: AssetView, AssetView CLOUD, AssetView CLOUD

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.13% (probability of being exploited)

EPSS Percentile: 34.37% (scored less or equal to compared to others)

EPSS Date: 2025-05-01 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-25060
https://www.hammock.jp/assetview/info/250325.html
https://jvn.jp/en/jp/JVN26321838/

Timeline

2025-04-02 04:40:17 UTC
CVE

Missing authentication for critical function vulnerability exists in AssetView and AssetView CLOUD. If exploited, the files on the server where the...