CVE-2025-24527

{"id": "CVE-2025-24527", "cveTags": [{"tags": ["exclusively-hosted-service"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "cve@mitre.org", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 8.0, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 6.0, "exploitabilityScore": 1.3}]}, "published": "2025-01-29T17:15:29.873", "references": [{"url": "https://techdocs.akamai.com/eaa/changelog", "source": "cve@mitre.org"}, {"url": "https://techdocs.akamai.com/eaa/changelog/january-29-2025", "source": "cve@mitre.org"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "cve@mitre.org", "description": [{"lang": "en", "value": "CWE-732"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an admin knows another tenant's 128-bit connector GUID, they can execute debug commands on that connector."}, {"lang": "es", "value": "Se descubri\u00f3 un problema en Akamai Enterprise Application Access (EAA) antes del 17 de enero de 2025. Si un administrador conoce el GUID del conector de 128 bits de otro inquilino, puede ejecutar comandos de depuraci\u00f3n en ese conector."}], "lastModified": "2025-02-24T16:15:14.683", "sourceIdentifier": "cve@mitre.org"}