How severe is CVE-2025-21092?

This vulnerability has a severity rating of HIGH with a CVSS score of 6.5 out of 10.

What type of vulnerability is CVE-2025-21092?

This is classified as CWE-266, which is a common weakness in software security.

CVE-2025-21092

HIGH Year: 2025

CVSS v3 Score

6.5

Medium

Weakness Type

CWE-266

View all →

Vulnerability Description

GMOD Apollo does not have sufficient logical or access checks when updating a user's information. This could result in an attacker being able to escalate privileges for themselves or others.

CVE-2020-26182

MEDIUM

CVSS:6.5(Medium)

Dell EMC NetWorker versions prior to 19.3.0.2 contain an incorrect privilege assignment vulnerability. A non-LDAP remote user with low privileges may exploit this vulnerability to perform 'saveset' re...

CWE-2662020

CVE-2021-1412

MEDIUM

CVSS:6.5(Medium)

Multiple vulnerabilities in the Admin portal of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. These vulnerabilities are due to imp...

CWE-2662021

CVE-2021-40123

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker with administrative read-only privileges to download files t...

CWE-2662021

CVE-2022-1225

MEDIUM

CVSS:6.5(Medium)

Incorrect Privilege Assignment in GitHub repository phpipam/phpipam prior to 1.4.6.

CWE-2662022

CVE-2022-20782

MEDIUM

CVSS:6.5(Medium)

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information from an affected device. Thi...

CWE-2662022