CVE-2025-55886
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-22

Last updated on: 2025-11-17

Assigner: MITRE

Description
An Insecure Direct Object Reference (IDOR) vulnerability was discovered in ARD. The flaw exists in the `fe_uid` parameter of the payment history API endpoint. An authenticated attacker can manipulate this parameter to access the payment history of other users without authorization.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-22
Last Modified
2025-11-17
Generated
2026-06-16
AI Q&A
2025-09-22
EPSS Evaluated
2026-06-15
NVD
CVE-2025-55886
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
ard ard *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-693 The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an Insecure Direct Object Reference (IDOR) flaw in the ARD product's payment history API endpoint. It occurs because the `fe_uid` parameter, which specifies the user ID in API requests, lacks proper access control. As a result, an authenticated attacker can manipulate this parameter to access payment history data of other users without authorization. [1]

Impact Analysis

This vulnerability can lead to unauthorized disclosure of sensitive payment history information belonging to other users. If exploited, an attacker could access private financial data, potentially leading to privacy breaches, identity theft, or financial fraud. [1]

Detection Guidance

You can detect this vulnerability by monitoring API requests to the payment history endpoint and checking for manipulation of the `fe_uid` parameter. Specifically, look for authenticated requests to URLs matching the pattern: https://services.ard.fr/?eID=tx_afereload_records with varying `fe_uid` values that do not correspond to the authenticated user. Commands such as using curl to test the endpoint with different `fe_uid` values can help verify if unauthorized access is possible. For example: curl -i -H "Authorization: Bearer <token>" "https://services.ard.fr/?eID=tx_afereload_records&_dc=1743696277812&fe_uid=<other_user_id>&startTimestamp=...&endTimestamp=...&mobile=1&page=1&start=0&limit=100". Additionally, network monitoring tools can be configured to alert on unusual `fe_uid` parameter values in authenticated sessions. [1]

Mitigation Strategies

Immediate mitigation steps include applying the patch released on April 23, 2025, which fixes the improper access control on the `fe_uid` parameter in the payment history API endpoint. If patching is not immediately possible, restrict access to the API endpoint to trusted users only, implement strict server-side authorization checks to ensure the `fe_uid` parameter matches the authenticated user's ID, and monitor logs for suspicious access patterns involving the `fe_uid` parameter. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-55886. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart