CVE-2025-70982
BaseFortify

Publication date: 2026-01-26

Last updated on: 2026-02-12

Assigner: MITRE

Description
Incorrect access control in the importUser function of SpringBlade v4.5.0 allows attackers with low-level privileges to arbitrarily import sensitive user data.
Meta Information
Published: 2026-01-26
Last Modified: 2026-02-12
Generated: 2026-05-07
AI Q&A: 2026-01-26
EPSS Evaluated: 2026-05-05
External references: NVD, EUVD
Affected Vendors & Products
Showing 1 associated CPE
Vendor   Product      Version / Range
bladex   springblade  4.5.0
Exploitability
CWE ID   Description
CWE-284  The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-70982 is an authorization vulnerability in the importUser function of SpringBlade v4.5.0. The importUser API allows users to upload Excel files to import user data into the system database without performing any authentication or permission checks. This means attackers with low-level or no privileges can arbitrarily add or modify sensitive user data by exploiting this missing access control, potentially compromising the integrity and security of the user database. [1, 2]


How can this vulnerability impact me?

This vulnerability can allow unauthorized or low-privilege attackers to import arbitrary user data into the system database. This can lead to database pollution, unauthorized creation of user accounts, and potential compromise of data integrity and security within the application. Attackers could inject malicious or illegal user entries, which may affect system operations and trustworthiness. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by monitoring for POST requests to the 'import-user' API endpoint in SpringBlade v4.5.0. Specifically, look for HTTP POST requests that upload Excel files (.xls or .xlsx) to the 'import-user' endpoint without proper authentication or authorization. Network or application logs showing such requests from unauthorized users may indicate exploitation attempts. For example, you can test the endpoint on your own deployment with curl (the form-field name and file name are placeholders; use the ones your installation expects): curl -X POST -F "<form-field>=@<file>.xlsx" http://<target>/import-user. Additionally, inspecting application logs for calls to the importUser function without corresponding authentication events can help detect misuse. [1]
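The detection logic described above (POST to an 'import-user' endpoint carrying an .xls/.xlsx upload from an anonymous or low-privilege principal), written out as a small log scanner. This is an added example, not code from BaseFortify or the SpringBlade project: the access-log layout, the `/user/` path prefix, the sample log lines and the `ALLOWED_IMPORTERS` role set are all constructed assumptions for the example. It separates accepted imports (HTTP 2xx, the CVE-2025-70982 pattern) from attempts the server rejected, so the two can be triaged with different priority.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Principals allowed to use the import endpoint. Constructed for this example;
# in a real deployment this comes from the application's role configuration.
ALLOWED_IMPORTERS = {"admin"}

# Assumed log layout (hypothetical, chosen for this example):
# <client> <user|-> [<timestamp>] "<method> <path> <proto>" <status> <content-type> "<uploaded filename|->"
LOG_RE = re.compile(
    r'^(?P<client>\S+) (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<ctype>\S+) "(?P<filename>[^"]*)"$'
)

SPREADSHEET_EXT = (".xls", ".xlsx")

# Constructed sample log (not real SpringBlade output). The /user/ prefix is assumed.
SAMPLE_LOG = """\
10.0.0.5 - [26/Jan/2026:10:01:02 +0000] "POST /user/import-user HTTP/1.1" 200 multipart/form-data "users.xlsx"
10.0.0.9 admin [26/Jan/2026:10:03:10 +0000] "POST /user/import-user HTTP/1.1" 200 multipart/form-data "staff.xls"
10.0.0.7 guest [26/Jan/2026:10:05:44 +0000] "POST /user/import-user HTTP/1.1" 200 multipart/form-data "payload.xlsx"
10.0.0.8 admin [26/Jan/2026:10:06:00 +0000] "GET /user/list HTTP/1.1" 200 application/json "-"
10.0.0.5 - [26/Jan/2026:10:07:21 +0000] "POST /user/import-user HTTP/1.1" 401 multipart/form-data "users.xlsx"
"""


@dataclass
class Finding:
    client: str
    user: str
    timestamp: str
    status: int
    filename: str
    severity: str  # "high" = import accepted, "info" = attempt rejected by the server
    reason: str


def parse_line(line: str) -> Optional[dict]:
    """Parse one access-log line into named fields; None if it does not match the layout."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def is_spreadsheet_import(rec: dict) -> bool:
    """True for a POST to an import-user endpoint that carries an Excel upload."""
    return (
        rec["method"] == "POST"
        and rec["path"].split("?", 1)[0].endswith("/import-user")
        and rec["ctype"].startswith("multipart/form-data")
        and rec["filename"].lower().endswith(SPREADSHEET_EXT)
    )


def check_line(line: str) -> Optional[Finding]:
    """Return a Finding when an import came from a principal outside ALLOWED_IMPORTERS."""
    rec = parse_line(line)
    if rec is None or not is_spreadsheet_import(rec):
        return None
    user, status = rec["user"], int(rec["status"])
    if user in ALLOWED_IMPORTERS:
        return None  # expected administrative use
    who = "anonymous client" if user == "-" else f"low-privilege user '{user}'"
    if 200 <= status < 300:
        return Finding(rec["client"], user, rec["ts"], status, rec["filename"], "high",
                       f"user import accepted from {who}: access control missing (CVE-2025-70982 pattern)")
    return Finding(rec["client"], user, rec["ts"], status, rec["filename"], "info",
                   f"user import attempt from {who} rejected with HTTP {status}")


def scan(log_text: str) -> List[Finding]:
    """Scan a whole log text and collect findings in order of appearance."""
    return [f for f in (check_line(l) for l in log_text.splitlines() if l.strip()) if f is not None]


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"[{f.severity}] {f.timestamp} {f.client} {f.user} {f.filename}: {f.reason}")
```

Run against the constructed sample, the scanner reports two high-severity findings (the anonymous and the `guest` imports that returned 200) and one informational finding (the anonymous attempt rejected with 401); the administrator's import and the GET request produce nothing. To use it on a real deployment, adapt `LOG_RE` to the actual access-log format and populate `ALLOWED_IMPORTERS` from the roles that legitimately perform user imports.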


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include implementing proper authentication and authorization checks on the 'importUser' API endpoint to ensure only authorized users can import user data. Restrict access to the 'import-user' endpoint to trusted administrators or roles. If possible, disable or restrict the import functionality until a patch or update is applied. Monitor logs for suspicious import attempts and review imported user data for unauthorized entries. Applying updates or patches from the SpringBlade project addressing this issue is also recommended once available. [1, 2]


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The vulnerability allows unauthorized users to import arbitrary sensitive user data into the system without proper access control, which can lead to unauthorized data manipulation and potential exposure of personal information. This lack of access control and potential data integrity compromise can negatively impact compliance with standards and regulations such as GDPR and HIPAA that require strict controls over personal and sensitive data access and processing. [1, 2]

