CNNVD-202509-268 Information

CNNVD ID

CNNVD-202509-268

Related CVE

CVE-2025-56689

• CNNVD Published: 2025-09-03

Description (Chinese)

Quest One Identity是美国Quest公司的一个具有管理用户身份、控制存取权限功能的软件。 Quest One Identity 7.5.1.20903版本存在安全漏洞，该漏洞源于OTP绕过，可能导致攻击者控制任意账户。

Description (English)

Quest One Access is a software of the United States company Quest that manages user identity and controls access. Quest One Identity 7.5.1.20903 contains a security loophole, which originates from OTP bypasses, which may lead the attackers to control arbitrary accounts.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Quiet

Published

2025-09-03

Last Modified

2026-02-24

References

https://medium.com/@vigneshrajan54_88115/how-i-found-cve-2025-56689-in-safeguard-for-privileged-passwords-6d58fd4bf453 https://access.redhat.com/security/cve/cve-2025-56689