How severe is CVE-2025-32967?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.4 out of 10.

What type of vulnerability is CVE-2025-32967?

This is classified as CWE-778, which is a common weakness in software security.

CVE-2025-32967

MEDIUM Year: 2025

CVSS v3 Score

5.4

Medium

Weakness Type

CWE-778

View all →

Vulnerability Description

OpenEMR is a free and open source electronic health records and medical practice management application. A logging oversight in versions prior to 7.0.3.4 allows password change events to go unrecorded on the client-side log viewer, preventing administrators from auditing critical actions. This weakens traceability and opens the system to undetectable misuse by insiders or attackers. Version 7.0.3.4 contains a patch for the issue.

CVE-2025-2562

MEDIUM

CVSS:5.4(Medium)

Insufficient logging in the autotyping feature in Devolutions Remote Desktop Manager on Windows allows an authenticated user to use a stored password without generating a corresponding log event, via ...

CWE-7782025

CVE-2019-19277

MEDIUM

CVSS:6.5(Medium)

A vulnerability has been identified in SIPORT MP (All versions < 3.1.4). Vulnerable versions of the device allow the creation of special accounts ("service users") with administrative privileges that ...

CWE-7782019

CVE-2019-19295

MEDIUM

CVSS:4.3(Medium)

A vulnerability has been identified in Control Center Server (CCS) (All versions < V1.5.0). The Control Center Server (CCS) does not enforce logging of security-relevant activities in its XML-based co...

CWE-7782019

CVE-2022-25783

MEDIUM

CVSS:4.3(Medium)

Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7.

CWE-7782022

CVE-2024-2291

MEDIUM

CVSS:4.3(Medium)

In Progress MOVEit Transfer versions released before 2022.0.11 (14.0.11), 2022.1.12 (14.1.12), 2023.0.9 (15.0.9), 2023.1.4 (15.1.4), a logging bypass vulnerability has been discovered. An authenticate...

CWE-7782024

CVE-2021-33689

LOW

CVSS:3.5(Low)

When user with insufficient privileges tries to access any application in SAP NetWeaver Administrator (Administrator applications), version - 7.50, no security audit log is created. Therefore, securit...

CWE-7782021

CVE-2025-32967

Vulnerability Description

Related Vulnerabilities

CVE-2025-2562

CVE-2019-19277

CVE-2019-19295

CVE-2022-25783

CVE-2024-2291

CVE-2021-33689