CVE-2025-67789

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2025-67789

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-67789.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2025-67789

Published

2025-12-17T21:16:16.073Z

Modified

2026-03-13T03:42:15.423339Z

Severity

5.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N CVSS Calculator

Summary

[none]

Details

An issue was discovered in DriveLock 24.1 before 24.1.6, 24.2 before 24.2.7, and 25.1 before 25.1.5. Authenticated users can retrieve the computer count of other DriveLock tenants via the DriveLock API.

References

https://drivelock.help/versions/current/web/en/releasenotes/Content/ReleaseNotes_DriveLock/SecurityBulletins/25-004-DESInfoDisclosure.htm

Affected packages

Git /

Affected ranges

Database specific

unresolved_ranges

[
    {
        "events": [
            {
                "introduced": "24.1"
            },
            {
                "fixed": "24.1.6"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "24.2"
            },
            {
                "fixed": "24.2.7"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "25.1"
            },
            {
                "fixed": "25.1.5"
            }
        ]
    }
]

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-67789.json"