CNNVD-202507-2913 Information

Jul 22, 2025 cve

CNNVD ID

CNNVD-202507-2913

CVE-2025-31511

CNNVD Published: 2025-07-22

Description (Chinese)

Alert Enterprise Guardian是美国Alert Enterprise开源的一款实物身份与访问管理系统。 Alert Enterprise Guardian 4.1.14.2.2.1版本存在安全漏洞，该漏洞源于通过修改Request%20Building%20Access requestSubmit API调用中的用户ID绕过经理审批。

Description (English)

Alert Enterprise Guardian is a physical identity and access management system for the United States of America’s Alert Enterprise open source. Alert Enterprise Guardian 4.1.14.2.2.1 has a security loophole, which stems from the circumvention of the manager ’ s approval by the user ID on call through the modification of Request %20Building %20Access requestSubmit API.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Alert Enterprise

Published

2025-07-22

Last Modified

2026-02-24

References

https://alertenterprise.com/switch-to-guardian/ https://alertenterprise.screenstepslive.com/a/1969949-alertenterprise-security-advisory-july-2025 https://x.com/pand0rausa/status/1947477020809826359 https://nvd.nist.gov/vuln/detail/CVE-2025-31511 https://access.redhat.com/security/cve/cve-2025-31511

Share on: