CNNVD-202509-1863 Information

CNNVD ID

CNNVD-202509-1863

Related CVE

CVE-2025-59363

• CNNVD Published: 2025-09-14

Description (Chinese)

One Identity OneLogin是美国One Identity公司的一个身份和访问管理软件。 One Identity OneLogin 2025.3.0之前版本存在安全漏洞，该漏洞源于GET Apps API v2返回OIDC客户端密钥，可能导致敏感信息泄露。

Description (English)

One Identity OneLogin is an identity and access management software for One Identity in the United States. One Identity OneLogin has a security loophole before version 2025.3. This leak stems from the return of the GET Apps API v2 to the ODS client key, which may lead to the disclosure of sensitive information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

OneTrust

Published

2025-09-14

Last Modified

2026-02-24

References

https://onelogin.service-now.com/support?id=kb_article&sys_id=b0aad1e11bd3ea109a47ec29b04bcb72&kb_category=a0d76d70db185340d5505eea4b96199f https://access.redhat.com/security/cve/cve-2025-59363