CNNVD-202510-3520 Information
CNNVD ID
CNNVD-202510-3520
Related CVE
- CNNVD Published: 2025-10-27
Description (Chinese)
BAE Systems SOCET GXP是美国BAE Systems公司的一款高端地理信息影像分析与测绘软件。 BAE Systems SOCET GXP 4.6.0.2之前版本存在安全漏洞,该漏洞源于SOCET GXP Job Service未要求身份验证,可能导致远程用户提交作业或本地用户提交具有其他用户权限的作业。
Description (English)
BAE Systems SOCET GXP is a high-end geographic information image analysis and mapping software for BAE Systems, United States. Prior to BAE Systems SOCET GXP 4.6.0.2, there was a security loophole, which originated from the failure of SOCET GXP Job Service to require authentication, which could result in remote user submission operations or local user submissions for operations with other user privileges.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
BAE Systems
Published
2025-10-27
Last Modified
2026-02-24
References
https://www.baesystems.com/en-us/product/geospatial-exploitation-products https://www.geospatialexploitationproducts.com/content/socet-gxp/vulnerabilities-disclosure/#cve-2025-54968 https://access.redhat.com/security/cve/cve-2025-54968
Patch
https://www.geospatialexploitationproducts.com/content/socet-gxp/
Share on: