CVE-2025-27702 is a vulnerability in the management console of Absolute
Secure Access prior to version 13.54. Attackers with administrative
access to the console and who have been assigned a certain set of
permissions can bypass those permissions to improperly modify settings.
The attack complexity is low, there are no preexisting attack
requirements; the privileges required are high, and there is no user
interaction required. There is no impact to system confidentiality or
availability, impact to system integrity is high.
CVSS
No CVSS.
References
Configurations
No configuration.
History
29 May 2025, 00:15
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-284 |
28 May 2025, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2025-05-28 21:15
Updated : 2025-05-29 14:29
NVD link : CVE-2025-27702
Mitre link : CVE-2025-27702
CVE.ORG link : CVE-2025-27702
JSON object : View
Products Affected
No product.
CWE
CWE-284
Improper Access Control