How severe is CVE-2025-4527?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 3.7 out of 10.

What type of vulnerability is CVE-2025-4527?

This is classified as CWE-602, which is a common weakness in software security.

CVE-2025-4527 - MEDIUM Severity | CVSS 3.7

Vulnerability Description

A vulnerability has been found in Dígitro NGC Explorer 3.44.15 and classified as problematic. This vulnerability affects unknown code of the component Password Transmission Handler. The manipulation leads to client-side enforcement of server-side security. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The vendor was contacted early about this disclosure but did not respond in any way.

Related Vulnerabilities

CVE-2023-20106

LOW

CVSS:3.8(Low)

Multiple vulnerabilities in Cisco Identity Services Engine (ISE) could allow an authenticated attacker to delete or read arbitrary files on the underlying operating system. To exploit these vulnerabil...

CWE-6022023

CVE-2024-42340

MEDIUM

CVSS:4.3(Medium)

CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security

CWE-6022024

CVE-2024-52960

MEDIUM

CVSS:4.3(Medium)

A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least re...

CWE-6022024

CVE-2025-28168

MEDIUM

CVSS:4.3(Medium)

The Multiple File Upload add-on component 3.1.0 for OutSystems is vulnerable to Unrestricted File Upload. This occurs because file extension and size validations are enforced solely on the client side...

CWE-6022025

CVE-2024-6831

MEDIUM

CVSS:4.4(Medium)

Seth Fogie, member of AXIS Camera Station Pro Bug Bounty Program has found that it is possible to edit and/or remove views without the necessary permission due to a client-side-only check. Axis has re...

CWE-6022024

CVE-2021-21544

LOW

CVSS:2.7(Low)

Dell EMC iDRAC9 versions prior to 4.40.00.00 contain an improper authentication vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability t...

CWE-6022021