CNNVD-202509-3047 Information

CNNVD ID

CNNVD-202509-3047

Related CVE

CVE-2025-59714

• CNNVD Published: 2025-09-19

Description (Chinese)

Grouper是Internet2开源的一个针对高校常见的高度分布式管理环境和异构信息技术环境而设计的企业访问管理系统。 Grouper 5.17.1版本至5.20.5之前版本存在安全漏洞，该漏洞源于非Grouper系统管理员的组管理员可配置加载程序作业，可能导致权限提升。

Description (English)

Grouper is an enterprise access management system designed for a highly distributed management environment common to universities and isomeric information technology environments. There was a security loophole in Grouper, versions 5.17.1 to 5.20.5, which originated from a group administrator who was not a Grouper system administrator and could configure the loading process, which could lead to increased privileges.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Intesync

Published

2025-09-19

Last Modified

2026-02-24

References

https://spaces.at.internet2.edu/display/Grouper/Grouper+bug+-+GRP-6311+-+non-Grouper-admins+can+configure+loader+jobs https://access.redhat.com/security/cve/cve-2025-59714

Patch

https://spaces.at.internet2.edu/spaces/Grouper/pages/14517702/Grouper+Wiki+Home