CVE-2025-70983
BaseFortify
Publication date: 2026-01-23
Last updated on: 2026-02-11
Assigner: MITRE
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| bladex | springblade | 4.5.0 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-284 | The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor. |
| CWE-862 | The product does not perform an authorization check when an actor attempts to access a resource or perform an action. |
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2025-70983 is an improper access control vulnerability in the authRoutes function of SpringBlade v4.5.0. The function fails to verify tenant identity when returning user-specific routes based on role IDs, allowing authenticated users with low-level privileges to access permission details and routes intended for other users or admin tenants. This lack of tenant-aware authorization can lead to privilege escalation by granting unauthorized access to restricted routes and permissions. [2, 3]
How can this vulnerability impact me?
This vulnerability can allow an attacker with low-level privileges to escalate their access rights by viewing or accessing routes and permissions that should be restricted to higher-privileged users or admin tenants. This unauthorized access can lead to disclosure of sensitive permission information and potentially unauthorized actions within the application, compromising the security and integrity of the system. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by testing the authRoutes function to see if it improperly returns route permissions for users without verifying tenant identity. You can attempt to authenticate as a low-privilege user and query the authRoutes endpoint or function to check if it returns routes or permissions that should be restricted to admin tenants. Specific commands depend on your environment, but generally, you can use HTTP request tools like curl or Postman to send authenticated requests to the authRoutes API endpoint and observe if unauthorized routes are returned. For example, a curl command might be: `curl -H "Authorization: Bearer <low-privilege-token>" https://<springblade-server>/api/authRoutes`. If the response includes routes or permissions reserved for admin tenants, the vulnerability is present. [2, 3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves updating the authRoutes function to include tenant identity verification similar to other functions like grantTree and grantDataScopeTree. Specifically, modify authRoutes to check if the user's tenant ID equals the admin tenant ID and restrict route access accordingly. If a patch or updated version of SpringBlade v4.5.0 is available that includes this fix, apply it promptly. Additionally, restrict access to the authRoutes endpoint to only authorized users and monitor for suspicious access patterns. If a patch is not yet available, consider implementing temporary access controls or network-level restrictions to limit exposure. [3]
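As an added illustration of the mitigation described above (this is example code written for this page, not SpringBlade's own authRoutes, grantTree or grantDataScopeTree implementation): a role-based route lookup shown first in the unguarded shape and then with the tenant check the answer recommends, where the caller's tenant ID must either equal the admin tenant ID or match the tenant that owns each route. Every class, method and constant name here, including `ADMIN_TENANT_ID` and its value, the `Caller` and `Menu` records and the in-memory menu list, is constructed for the example and does not correspond to identifiers in the project.

```java
import java.util.List;
import java.util.Objects;

// Added example, not SpringBlade code. Names and data are hypothetical stand-ins;
// only the control flow mirrors the mitigation text (tenant-aware filtering).
public class TenantAwareRoutes {

    // Hypothetical: the tenant id reserved for the platform administrator.
    static final String ADMIN_TENANT_ID = "000000";

    // Constructed caller context: what an authenticated session carries.
    record Caller(String userId, String tenantId, List<String> roleIds) {}

    // Constructed menu record: every route belongs to exactly one tenant.
    record Menu(String path, String tenantId, List<String> grantedRoleIds) {}

    // Constructed in-memory stand-in for the menu table.
    static final List<Menu> MENUS = List.of(
        new Menu("/admin/tenant", ADMIN_TENANT_ID, List.of("role-admin")),
        new Menu("/tenant-a/report", "tenant-a", List.of("role-viewer")),
        new Menu("/tenant-b/report", "tenant-b", List.of("role-viewer"))
    );

    // Unguarded shape, kept only for contrast: role ids alone select routes,
    // so nothing ties the returned menus to the caller's own tenant.
    static List<String> authRoutesByRoleOnly(List<String> requestedRoleIds) {
        return MENUS.stream()
            .filter(m -> m.grantedRoleIds().stream().anyMatch(requestedRoleIds::contains))
            .map(Menu::path)
            .toList();
    }

    // Hardened shape: role ids are taken from the authenticated session rather
    // than the request, and each menu is additionally filtered by tenant. The
    // admin tenant may see every menu; any other tenant sees only its own.
    static List<String> authRoutes(Caller caller) {
        Objects.requireNonNull(caller.tenantId(), "tenant id missing from session");
        boolean isAdminTenant = ADMIN_TENANT_ID.equals(caller.tenantId());
        return MENUS.stream()
            .filter(m -> isAdminTenant || caller.tenantId().equals(m.tenantId()))
            .filter(m -> m.grantedRoleIds().stream().anyMatch(caller.roleIds()::contains))
            .map(Menu::path)
            .toList();
    }

    public static void main(String[] args) {
        Caller tenantAUser = new Caller("u1", "tenant-a", List.of("role-viewer"));
        Caller platformAdmin = new Caller("root", ADMIN_TENANT_ID, List.of("role-admin"));

        // Unguarded lookup: the result depends only on the role ids supplied.
        System.out.println("role-only: " + authRoutesByRoleOnly(List.of("role-viewer", "role-admin")));
        // Tenant-aware lookup: tenant-a's viewer is confined to tenant-a's menus.
        System.out.println("tenant-a : " + authRoutes(tenantAUser));
        // Tenant-aware lookup: the admin tenant keeps its full view.
        System.out.println("admin    : " + authRoutes(platformAdmin));
    }
}
```

The design point is that the tenant filter runs before the role filter and uses the session's tenant ID, never a value supplied by the request, so a role ID that happens to exist in another tenant can no longer pull that tenant's routes into the response. Requires Java 16 or later for records and `Stream.toList()`.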
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability allows unauthorized users to escalate privileges and access permission details of other users without proper authorization. This improper access control can lead to unauthorized disclosure of sensitive information, which may result in non-compliance with standards and regulations such as GDPR and HIPAA that require strict access controls and protection of sensitive data. Therefore, the vulnerability negatively impacts compliance by potentially exposing sensitive user permission information and failing to enforce proper authorization. [2, 3]