CVE-2025-4762

Published May 15, 2025

Last updated a month ago

CVSS low 2.0

Overview

Description
Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna product versions 1.0 to 1.5 on all platforms allow an unauthenticated attacker to access arbitrary files in the document system via manipulation of file paths and object identifiers.
Source
8ca67973-55d1-4246-bb7c-ce7e65ad8782
NVD status
Awaiting Analysis

Risk scores

CVSS 4.0

Type
Secondary
Base score
2
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity
LOW

Weaknesses

8ca67973-55d1-4246-bb7c-ce7e65ad8782
CWE-20

Social media

Hype score
Not currently trending

  1. CVE-2025-4762 Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna product versions 1.0 to 1.5 on all platforms allow an unauthenticated atta… https://t.co/lDeJluyNT1

    @CVEnew

    15 May 2025

    338 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.