CVE-2025-34026 in Concertoinformação

Sumário

de MITRE • 22/05/2025

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Responsável

VulnCheck

Reservar

15/04/2025

Divulgação

22/05/2025

Moderação

aceite

Entrada

VDB-309948

CPE

pronto

CWE

CWE-287 (confirmado)

CVSS

7.5 (NVD)

EPSS

0.71079

KEV

sim

Atividades

muito baixo

Fontes

MITRE	https://www.cve.org/CVERecord?id=CVE-2025-34026
NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-34026
CVE Details	https://www.cvedetails.com/cve/CVE-2025-34026/

◂ Voltar Visão Geral Próximo ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!