CVE-2025-6571
Unknown
Unknown - Not Provided
BaseFortify
Publication date: 2025-11-11
Last updated on: 2025-11-12
Assigner: Axis Communications AB
Description
Description
A 3rd-party component exposed its password in process arguments, allowing for low-privileged users to access it.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| axis | axis_os | 12.6.66 |
| axis | axis_os | 11.11.169 |
| axis | axis_os | 12.0.0 |
| axis | axis_os | 11.11.0 |
Helpful Resources
Exploitability
CWE
KEV
| CWE ID | Description |
|---|---|
| CWE-522 | The product transmits or stores authentication credentials, but it uses an insecure method that is susceptible to unauthorized interception and/or retrieval. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves a third-party component that exposes its password in the process arguments. This exposure allows low-privileged users to access the password, potentially compromising security.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized access by low-privileged users who can obtain the exposed password from process arguments. This can result in confidentiality and integrity breaches, potentially allowing attackers to gain elevated access or disrupt system operations.
Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70