Metrics
Affected Vendors & Products
Tue, 02 Sep 2025 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Atlassian
Atlassian agiloft |
|
CPEs | cpe:2.3:a:atlassian:agiloft:*:*:*:*:*:*:*:* | |
Vendors & Products |
Atlassian
Atlassian agiloft |
Fri, 29 Aug 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Wed, 27 Aug 2025 11:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Agiloft
Agiloft agiloft |
|
Vendors & Products |
Agiloft
Agiloft agiloft |
Tue, 26 Aug 2025 22:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30. | |
Title | Agiloft insecure download of system packages | |
Weaknesses | CWE-494 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: cisa-cg
Published:
Updated: 2025-08-29T18:27:45.417Z
Reserved: 2025-04-15T20:56:24.416Z
Link: CVE-2025-35115

Updated: 2025-08-29T18:27:40.512Z

Status : Analyzed
Published: 2025-08-26T23:15:35.540
Modified: 2025-09-02T17:57:25.583
Link: CVE-2025-35115

No data.

Updated: 2025-08-27T11:41:37Z