Metrics
Affected Vendors & Products
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
Tue, 23 Sep 2025 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-287 |
Tue, 23 Sep 2025 16:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-288 |
Mon, 24 Mar 2025 20:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Mon, 24 Mar 2025 18:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An authentication bypass vulnerability in Kentico Xperience allows authentication bypass via the Staging Sync Server password handling of empty SHA1 usernames in digest authentication. Authentication bypass allows an attacker to control administrative objects.This issue affects Xperience through 13.0.172. | |
Title | Kentico Xperience Staging Sync Server digest password authentication bypass | |
Weaknesses | CWE-287 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: VulnCheck
Published:
Updated: 2025-09-23T15:43:04.992Z
Reserved: 2025-03-24T16:39:11.689Z
Link: CVE-2025-2746

Updated: 2025-03-24T19:27:16.832Z

Status : Undergoing Analysis
Published: 2025-03-24T19:15:51.460
Modified: 2025-09-23T16:15:31.570
Link: CVE-2025-2746

No data.

Updated: 2025-07-12T15:26:07Z