CNNVD-202508-627 Information
CNNVD ID
CNNVD-202508-627
Related CVE
- CNNVD Published: 2025-08-06
Description (Chinese)
Bottinelli Informatical Vedo Suite是意大利Bottinelli Informatica公司的一款面向纺织与设计行业的企业软件套件。 Bottinelli Informatical Vedo Suite 2024.17版本存在安全漏洞,该漏洞源于/api_vedo/configuration/config.yml文件中存储了明文凭据,可能导致数据泄露。
Description (English)
Bottinelli Informatical Vedo Suite is an enterprise software package for the textile and design industries of Bottinelli Informatica, Italy. There is a security loophole in version 2024.17 of Bottinelli Informatical Vedo Suite, which originates from the storage of a certificate in/api vedo/config/config.yml file, which could lead to data disclosure.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Bottinelli Informatica
Published
2025-08-06
Last Modified
2026-02-24
References
https://github.com/jacopoaugelli/vedo-suite-exploits http://bottinelli.com https://access.redhat.com/security/cve/cve-2025-51055
Patch
https://www.bottinelliinformatica.it/
Share on: