CNNVD-202507-1311 Information
CNNVD ID
CNNVD-202507-1311
Related CVE
- CNNVD Published: 2025-07-09
Description (Chinese)
ConnectWise PSA是美国ConnectWise公司的一种专业的服务自动化软件。 ConnectWise PSA 2025.9之前版本存在安全漏洞,该漏洞源于API返回过多用户信息,可能导致认证用户获取加密密码哈希。
Description (English)
ConnectWise PSA is a professional service automation software for ConnectWise in the United States. There is a security loophole in the pre-ConectWise PSA 2025.9 version, which stems from the API return of excessive user information, which may lead to the authentication user obtaining encrypted password Hashi.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
ConnectWise
Published
2025-07-09
Last Modified
2026-02-24
References
https://www.themissinglink.com.au/security-advisories/cve-2025-7204 https://www.connectwise.com/company/trust/security-bulletins/connectwise-psa-2025.9-security-fix https://nvd.nist.gov/vuln/detail/CVE-2025-7204
Patch
https://www.connectwise.com/company/trust/security-bulletins/connectwise-psa-2025.9-security-fix
Share on: