CVE-2025-55462
BaseFortify
Publication date: 2026-01-13
Last updated on: 2026-02-05
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| eramba | eramba | 3.26.0 |
| eramba | eramba | From 3.0.0 (inc) to 3.23.3 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-942 | The product uses a web-client protection mechanism such as a Content Security Policy (CSP) or cross-domain policy file, but the policy includes untrusted domains with which the web client is allowed to communicate. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a Cross-Origin Resource Sharing (CORS) misconfiguration in Eramba Community and Enterprise Editions v3.26.0. It allows an attacker to control the Origin header, which is then reflected in the Access-Control-Allow-Origin response along with Access-Control-Allow-Credentials set to true. This enables malicious third-party websites to perform authenticated cross-origin requests against the Eramba API, including sensitive endpoints like /system-api/login and /system-api/user/me. As a result, the attacker can access sensitive user session data such as user ID, name, email, and access groups via their JavaScript, leading to full session hijack and data exfiltration without any user interaction.
How can this vulnerability impact me? :
This vulnerability can have severe impacts including unauthorized access to sensitive user session data and full session hijacking. Attackers can exploit this flaw to perform authenticated cross-origin requests and steal user information such as ID, name, email, and access groups. This can lead to data exfiltration, unauthorized actions performed on behalf of the user, and potential compromise of the affected system without any user interaction.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by inspecting the HTTP responses from the Eramba API endpoints, such as /system-api/login and /system-api/user/me, to see if the Access-Control-Allow-Origin header reflects the Origin header from the request and if Access-Control-Allow-Credentials is set to true. For example, you can use curl commands to send requests with a custom Origin header and observe the response headers. A sample command is: curl -i -H "Origin: http://malicious.example.com" https://your-eramba-instance/system-api/login. If the Access-Control-Allow-Origin header in the response matches the Origin header and Access-Control-Allow-Credentials is true, the vulnerability is present. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate step to mitigate this vulnerability is to upgrade Eramba to version 3.28.0 or later, as this release addresses CVE-2025-55462 by strengthening the CORS configuration and fixing issues related to Access-Control-Allow-Credentials headers. Additionally, review your ACL settings and custom translations as recommended in the release notes. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability allows attackers to hijack user sessions and exfiltrate sensitive user data such as ID, name, email, and access groups via authenticated cross-origin requests. This exposure of personal and potentially sensitive information could lead to non-compliance with data protection regulations like GDPR and HIPAA, which require safeguarding user data against unauthorized access and breaches. [1]