CVE-2025-49653
Awaiting Analysis
Awaiting Analysis - Queue
BaseFortify
Publication date: 2025-06-09
Last updated on: 2025-06-12
Assigner: HiddenLayer
Description
Description
Exposure of sensitive data in active sessions in Lablup's BackendAI allows attackers to retrieve credentials for users on the management platform.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Currently, no data is known.
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in Lablup's BackendAI involves the exposure of sensitive data during active sessions, allowing attackers to retrieve user credentials on the management platform.
How can this vulnerability impact me? :
An attacker exploiting this vulnerability could gain access to user credentials, potentially leading to unauthorized access, data breaches, and full compromise of the management platform.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70