CNNVD-202509-1722 Information

CNNVD ID

CNNVD-202509-1722

Related CVE

CVE-2025-10247

• CNNVD Published: 2025-09-11

Description (Chinese)

JEPaaS是中国凯特伟业（JEPaaS）公司的一款快速开发平台。 JEPaaS 7.2.8版本存在访问控制错误漏洞，该漏洞源于Filter Handler组件中的doFilterInternal函数存在访问控制不当，可能导致远程攻击。

Description (English)

JEPaS is a fast-growing platform for the company JEPaS of China. Version 7.2.8 of JepaaS contains a bug in access control resulting from the inappropriate access control of the doFilterInternal function in the Filter Handler component, which may lead to a remote attack.

Hazard Level

High

Vulnerability Type

访问控制错误

Affected Vendor

凯特伟业

Published

2025-09-11

Last Modified

2026-02-24

References

https://github.com/c3p000-Yiqiyin/JEPaaS-Access-control-bypass-vulnerability/blob/main/README.md https://vuldb.com/?ctiid.323547 https://vuldb.com/?id.323547 https://vuldb.com/?submit.642413