CVE-2025-54088
BaseFortify
Publication date: 2025-10-02
Last updated on: 2025-10-16
Assigner: NetMotion Software
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| absolute | secure_access | to 14.10 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-601 | The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-54088 is an open-redirect vulnerability in Secure Access versions prior to 14.10. It allows attackers who have access to the console to redirect users to arbitrary URLs. The attack is low complexity, requires no privileges, but users must actively participate in the attack. The vulnerability itself has low impact on confidentiality and no impact on integrity or availability, but it can lead to high severity impacts on subsequent systems.
How can this vulnerability impact me? :
This vulnerability can allow attackers to redirect users to malicious websites, potentially leading to phishing attacks or malware infections. While the direct impact on confidentiality, integrity, and availability of the affected system is low or none, the redirected systems or subsequent systems may suffer high severity impacts in these areas.