{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-9822", "assignerOrgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "state": "PUBLISHED", "assignerShortName": "Mautic", "dateReserved": "2025-09-02T08:22:34.513Z", "datePublished": "2025-09-03T13:55:12.870Z", "dateUpdated": "2025-09-03T14:09:46.199Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://packagist.org", "defaultStatus": "unaffected", "packageName": "mautic/core", "product": "Mautic", "repo": "https://github.com/mautic/mautic", "vendor": "Mautic", "versions": [{"lessThan": "< 4.4.17", "status": "affected", "version": ">= 4.4.0", "versionType": "semver"}, {"lessThan": "< 5.2.8", "status": "affected", "version": ">= 5.0.0-alpha", "versionType": "semver"}, {"lessThan": "< 6.0.5", "status": "affected", "version": ">= 6.0.0-alpha", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "reporter", "value": "B0D0B0P0T"}, {"lang": "en", "type": "remediation developer", "value": "lenonleite"}, {"lang": "en", "type": "remediation reviewer", "value": "kuzmany"}], "datePublic": "2025-09-03T08:56:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<h3>Summary</h3><p><em>A user with administrator rights can change the configuration of the mautic application and extract secrets that are not normally available.</em></p><h3>Impact</h3><p><em>An administrator who usually does not have access to certain parameters, such as database credentials, can disclose them.</em></p>"}], "value": "SummaryA user with administrator rights can change the configuration of the mautic application and extract secrets that are not normally available.\n\nImpactAn administrator who usually does not have access to certain parameters, such as database credentials, can disclose them."}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-283", "description": "CWE-283", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "shortName": "Mautic", "dateUpdated": "2025-09-03T13:55:12.870Z"}, "references": [{"url": "https://github.com/mautic/mautic/security/advisories/GHSA-438m-6mhw-hq5w"}], "source": {"advisory": "GHSA-438m-6mhw-hq5w", "discovery": "EXTERNAL"}, "title": "Secret data extraction via elfinder", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-03T14:08:49.982448Z", "id": "CVE-2025-9822", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-03T14:09:46.199Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-9822", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-09-03T14:08:49.982448Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-03T14:09:33.496Z"}}], "cna": {"title": "Secret data extraction via elfinder", "source": {"advisory": "GHSA-438m-6mhw-hq5w", "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "reporter", "value": "B0D0B0P0T"}, {"lang": "en", "type": "remediation developer", "value": "lenonleite"}, {"lang": "en", "type": "remediation reviewer", "value": "kuzmany"}], "impacts": [{"capecId": "CAPEC-1", "descriptions": [{"lang": "en", "value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/mautic/mautic", "vendor": "Mautic", "product": "Mautic", "versions": [{"status": "affected", "version": ">= 4.4.0", "lessThan": "< 4.4.17", "versionType": "semver"}, {"status": "affected", "version": ">= 5.0.0-alpha", "lessThan": "< 5.2.8", "versionType": "semver"}, {"status": "affected", "version": ">= 6.0.0-alpha", "lessThan": "< 6.0.5", "versionType": "semver"}], "packageName": "mautic/core", "collectionURL": "https://packagist.org", "defaultStatus": "unaffected"}], "datePublic": "2025-09-03T08:56:00.000Z", "references": [{"url": "https://github.com/mautic/mautic/security/advisories/GHSA-438m-6mhw-hq5w"}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "SummaryA user with administrator rights can change the configuration of the mautic application and extract secrets that are not normally available.\n\nImpactAn administrator who usually does not have access to certain parameters, such as database credentials, can disclose them.", "supportingMedia": [{"type": "text/html", "value": "<h3>Summary</h3><p><em>A user with administrator rights can change the configuration of the mautic application and extract secrets that are not normally available.</em></p><h3>Impact</h3><p><em>An administrator who usually does not have access to certain parameters, such as database credentials, can disclose them.</em></p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-283", "description": "CWE-283"}]}], "providerMetadata": {"orgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "shortName": "Mautic", "dateUpdated": "2025-09-03T13:55:12.870Z"}}}, "cveMetadata": {"cveId": "CVE-2025-9822", "state": "PUBLISHED", "dateUpdated": "2025-09-03T14:09:46.199Z", "dateReserved": "2025-09-02T08:22:34.513Z", "assignerOrgId": "4e531c38-7a33-45d3-98dd-d909c0d8852e", "datePublished": "2025-09-03T13:55:12.870Z", "assignerShortName": "Mautic"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "SummaryA user with administrator rights can change the configuration of the mautic application and extract secrets that are not normally available.\n\nImpactAn administrator who usually does not have access to certain parameters, such as database credentials, can disclose them."}], "id": "CVE-2025-9822", "lastModified": "2026-04-15T00:35:42.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 1.2, "impactScore": 4.2, "source": "security@mautic.org", "type": "Secondary"}]}, "published": "2025-09-03T14:15:46.247", "references": [{"source": "security@mautic.org", "url": "https://github.com/mautic/mautic/security/advisories/GHSA-438m-6mhw-hq5w"}], "sourceIdentifier": "security@mautic.org", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-283"}], "source": "security@mautic.org", "type": "Secondary"}]}

{}

{"created": "2025-09-03T19:30:13.514431+00:00", "updated": "2025-09-03T19:30:13.514482+00:00", "vendors": ["mautic", "mautic$PRODUCT$mautic"]}