{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-34509", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2025-04-15T19:15:22.612Z", "datePublished": "2025-06-17T18:20:57.441Z", "dateUpdated": "2025-07-22T13:07:15.476Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Experience Manager", "vendor": "Sitecore", "versions": [{"lessThan": "10.4.1 rev. 011941 PRE", "status": "affected", "version": "10.4", "versionType": "custom"}, {"lessThan": "10.3.3 rev. 011967 PRE", "status": "affected", "version": "10.3", "versionType": "custom"}, {"lessThan": "10.1.4 rev. 011974 PRE", "status": "affected", "version": "10.1", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "product": "Experience Platform", "vendor": "Sitecore", "versions": [{"lessThan": "10.4.1 rev. 011941 PRE", "status": "affected", "version": "10.4", "versionType": "custom"}, {"lessThan": "10.3.3 rev. 011967 PRE", "status": "affected", "version": "10.3", "versionType": "custom"}, {"lessThan": "10.1.4 rev. 011974 PRE", "status": "affected", "version": "10.1", "versionType": "custom"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Piotr Bazydlo of watchTowr"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."}], "value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-07-22T13:07:15.476Z"}, "references": [{"tags": ["third-party-advisory", "exploit", "technical-description"], "url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"}, {"tags": ["vendor-advisory"], "url": "https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003667"}], "solutions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Update to patched versions."}], "value": "Update to patched versions."}], "source": {"discovery": "EXTERNAL"}, "title": "Sitecore XM and XP Hardcoded Credentials", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-17T00:00:00+00:00", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2025-34509"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-18T03:56:09.729Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-34509", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-17T19:43:38.883666Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-17T19:04:47.633Z"}}], "cna": {"title": "Sitecore XM and XP Hardcoded Credentials", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Piotr Bazydlo of watchTowr"}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Sitecore", "product": "Experience Manager", "versions": [{"status": "affected", "version": "10.4", "lessThan": "10.4.1 rev. 011941 PRE", "versionType": "custom"}, {"status": "affected", "version": "10.3", "lessThan": "10.3.3 rev. 011967 PRE", "versionType": "custom"}, {"status": "affected", "version": "10.1", "lessThan": "10.1.4 rev. 011974 PRE", "versionType": "custom"}], "defaultStatus": "unaffected"}, {"vendor": "Sitecore", "product": "Experience Platform", "versions": [{"status": "affected", "version": "10.4", "lessThan": "10.4.1 rev. 011941 PRE", "versionType": "custom"}, {"status": "affected", "version": "10.3", "lessThan": "10.3.3 rev. 011967 PRE", "versionType": "custom"}, {"status": "affected", "version": "10.1", "lessThan": "10.1.4 rev. 011974 PRE", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Update to patched versions.", "supportingMedia": [{"type": "text/html", "value": "Update to patched versions.", "base64": false}]}], "references": [{"url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/", "tags": ["third-party-advisory", "exploit", "technical-description"]}, {"url": "https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003667", "tags": ["vendor-advisory"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP.", "supportingMedia": [{"type": "text/html", "value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-798", "description": "CWE-798 Use of Hard-coded Credentials"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2025-07-22T13:07:15.476Z"}}}, "cveMetadata": {"cveId": "CVE-2025-34509", "state": "PUBLISHED", "dateUpdated": "2025-07-22T13:07:15.476Z", "dateReserved": "2025-04-15T19:15:22.612Z", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "datePublished": "2025-06-17T18:20:57.441Z", "assignerShortName": "VulnCheck"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:sitecore:experience_commerce:*:*:*:*:*:*:*:*", "matchCriteriaId": "DCF77DC5-9DF9-4DF7-9636-69CA4BEEDB04", "versionEndIncluding": "10.4", "versionStartIncluding": "9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sitecore:experience_manager:*:*:*:*:*:*:*:*", "matchCriteriaId": "17EF29D0-E1DA-4F84-95F4-EA9680EB47DF", "versionEndIncluding": "10.4", "versionStartIncluding": "9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sitecore:experience_platform:*:*:*:*:*:*:*:*", "matchCriteriaId": "88455751-A525-4A59-9DD8-4E015CD1346C", "versionEndExcluding": "10.4", "versionStartIncluding": "9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:sitecore:experience_platform:10.4:-:*:*:*:*:*:*", "matchCriteriaId": "78E71AD1-04C7-4D80-9A0A-E386A3FAC860", "vulnerable": true}, {"criteria": "cpe:2.3:a:sitecore:managed_cloud:-:*:*:*:*:*:*:*", "matchCriteriaId": "520CF670-01A2-479F-B637-C413A82463E0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Sitecore Experience Manager (XM) and Experience Platform (XP) versions 10.1 to 10.1.4 rev. 011974 PRE, all versions of 10.2, 10.3 to 10.3.3 rev. 011967 PRE, and 10.4 to 10.4.1 rev. 011941 PRE contain a hardcoded user account. Unauthenticated and remote attackers can use this account to access administrative API over HTTP."}, {"lang": "es", "value": "Sitecore Experience Manager (XM) y Experience Platform (XP) versiones 10.1 a 10.1.4 rev. 011974 PRE, todas las versiones 10.2, 10.3 a 10.3.3 rev. 011967 PRE y 10.4 a 10.4.1 rev. 011941 PRE contienen una cuenta de usuario codificada. Atacantes remotos no autenticados pueden usar esta cuenta para acceder a la API administrativa a trav\u00e9s de HTTP."}], "id": "CVE-2025-34509", "lastModified": "2025-09-08T19:17:06.773", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 8.2, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 4.2, "source": "disclosure@vulncheck.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2025-06-17T19:15:31.423", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Third Party Advisory"], "url": "https://labs.watchtowr.com/is-b-for-backdoor-pre-auth-rce-chain-in-sitecore-experience-platform/"}, {"source": "disclosure@vulncheck.com", "tags": ["Vendor Advisory"], "url": "https://support.sitecore.com/kb?id=kb_article_view&sysparm_article=KB1003667"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-798"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}

{}

{"created": "2025-06-20T13:55:53.922930+00:00", "updated": "2025-06-20T13:55:53.922961+00:00", "vendors": ["sitecore", "sitecore$PRODUCT$experience_manager", "sitecore$PRODUCT$experience_platform"]}