CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-48741: A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, and 5.4.0 before 5.4.10 allows remote,...

6.8 CVSS

Description

A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, and 5.4.0 before 5.4.10 allows remote, authenticated, and unprivileged users to retrieve alerts, cases, logs, observables, or tasks, regardless of the user's permissions, through a specific API endpoint.

Classification

CVE ID: CVE-2025-48741

CVSS Base Severity: MEDIUM

CVSS Base Score: 6.8

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N

Problem Types

CWE-266 Incorrect Privilege Assignment

Affected Products

Vendor: StrangeBee

Product: TheHive

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.03% (probability of being exploited)

EPSS Percentile: 8.89% (scored less or equal to compared to others)

EPSS Date: 2025-06-18 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-48741
https://github.com/StrangeBeeCorp/Security/blob/main/Security%20advisories/SB-SEC-ADV-2025-004.md

Timeline

2025-05-23 20:40:12 UTC
CVE

A Broken Access Control vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, and 5.4.0 before 5.4.10 allows remote,...