CVE Vulnerabilities

CVE-2025-22492

Insecure Storage of Sensitive Information

Published: Feb 28, 2025 | Modified: Feb 28, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu

The connection string visible to users with access to FRSCore database on Foreseer Reporting Software (FRS) VM, this string can be used for gaining administrative access to the 4crXref database. This vulnerability has been resolved in the latest version 1.5.100 of FRS.

Weakness

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

References