- Description
- Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password Recovery. Passwords are either stored in plain text using reversible encryption, allowing an attacker with sufficient privileges to extract plain text passwords easily. This issue affects BASEC: from 14 Dec 2021.
- Source
- csirt@divd.nl
- NVD status
- Awaiting Analysis
CVSS 4.0
- Type
- Secondary
- Base score
- 9.3
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:X
- Severity
- CRITICAL
- csirt@divd.nl
- CWE-522
- Hype score
- Not currently trending
🚨 CVE-2025-22372 🔴 HIGH (8.4) 🏢 SicommNet - BASEC 🏗️ 14 Dec 2021 🔗 https://t.co/RKsdPc3pjd 🔗 https://t.co/lYNkHEIEkx 🔗 https://t.co/6vnzPQXXWR #CyberCron #VulnAlert #InfoSec https://t.co/P62w4toOuu
@cybercronai
16 Apr 2025
15 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-22372: CRITICAL] SicommNet BASEC SaaS platform faces critical cyber security risk with Insufficiently Protected Credentials leading to Password Recovery vulnerability from 14 Dec 2021 onwards.#cybersecurity,#vulnerability https://t.co/vDs0Aa5wwC https://t.co/wGVv85YF1Y
@CveFindCom
14 Apr 2025
68 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-22372 Insufficiently Protected Credentials vulnerability in SicommNet BASEC on SaaS allows Password Recovery. Passwords are either stored in plain text using reversible enc… https://t.co/JWb4aM9ZkS
@CVEnew
14 Apr 2025
481 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes