CVE-2025-66698
Unknown Unknown - Not Provided
Authentication Bypass in Semantic Machines v5.4.8 APIs

Publication date: 2026-01-13

Last updated on: 2026-02-05

Assigner: MITRE

Description
An issue in Semantic machines v5.4.8 allows attackers to bypass authentication via sending a crafted HTTP request to various API endpoints.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-02-05
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-14
NVD
CVE-2025-66698
EUVD
EUVD-2026-2335
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
semantic_systems_inc veda to 5.4.8 (exc)
semantic-machines veda 5.4.8
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-287 When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-66698 is an authentication bypass vulnerability in Semantic Machines Veda version 5.4.8 and likely earlier versions. It occurs because the system improperly validates the 'ticket' parameter, accepting an empty string as a valid session token. This flaw allows attackers to send crafted HTTP requests to various API endpoints and gain unauthorized access without any privileges or user interaction. [2]

Impact Analysis

This vulnerability can allow remote attackers to bypass authentication and access sensitive information such as user policies and personally identifiable information (PII) including full names, photographs, job titles, birth dates, and contact details. Attackers can enumerate default users and system accounts, leading to a high confidentiality impact. However, it does not affect data integrity or availability. [2]

Detection Guidance

This vulnerability can be detected by sending HTTP requests with an empty 'ticket' parameter to the affected API endpoints and checking for unauthorized access. Example commands include using curl to test endpoints such as: curl -k "https://localhost/get_individual?ticket=&uri=cfg:Administrator" curl -k "https://localhost/get_membership?ticket=&uri=cfg:SuperUser" curl -k "https://localhost/is_ticket_valid?ticket=" If the last endpoint returns "true" with an empty ticket, it confirms the authentication bypass vulnerability. [2]

Mitigation Strategies

Immediate mitigation steps include restricting access to the vulnerable API endpoints, implementing proper validation to reject empty or invalid 'ticket' parameters, and applying any available patches or updates from the vendor. Additionally, monitoring for suspicious requests with empty tickets and disabling or limiting the use of hardcoded system tickets can reduce risk until a fix is applied. [2]

Compliance Impact

The vulnerability allows unauthorized access to sensitive information including personally identifiable information (PII) such as full names, photographs, job titles, birth dates, and contact details. This exposure of PII can lead to non-compliance with data protection regulations like GDPR and HIPAA, which require strict controls on access to personal data and protection against unauthorized disclosure. [2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-66698. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart