How severe is CVE-2025-3329?

This vulnerability has a severity rating of LOW with a CVSS score of 3.1 out of 10.

What type of vulnerability is CVE-2025-3329?

This is classified as CWE-310, which is a common weakness in software security.

CVE-2025-3329 - LOW Severity | CVSS 3.1

Vulnerability Description

A vulnerability classified as problematic has been found in Consumer Comanda Mobile up to 14.9.3.2/15.0.0.8. This affects an unknown part of the component Restaurant Order Handler. The manipulation of the argument Login/Password leads to cleartext transmission of sensitive information. The attack can only be initiated within the local network. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used.

Related Vulnerabilities

CVE-2016-7812

LOW

CVSS:3.1(Low)

The Bank of Tokyo-Mitsubishi UFJ, Ltd. App for Android ver5.3.1, ver5.2.2 and earlier allow a man-in-the-middle attacker to downgrade the communication between the app and the server from TLS v1.2 to ...

CWE-3102016

CVE-2014-3566

LOW

CVSS:3.4(Low)

The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padd...

CWE-3102014

CVE-2016-4511

LOW

CVSS:2.8(Low)

ABB PCM600 before 2.7 uses an improper hash algorithm for the main application password, which makes it easier for local users to obtain sensitive cleartext information by leveraging read access to th...

CWE-3102016

CVE-2025-1953

LOW

CVSS:2.6(Low)

A vulnerability has been found in vLLM AIBrix 0.2.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file pkg/plugins/gateway/prefixcacheindexer/hash.go...

CWE-3102025

CVE-2010-1323

LOW

CVSS:3.7(Low)

MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to modify user-visib...

CWE-3102010

CVE-2010-1324

LOW

CVSS:3.7(Low)

MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptability of checksums, which might allow remote attackers to forge GSS tokens, gain privileges, or have uns...

CWE-3102010