CVE-2025-64299

EUVD-2025-198424
LogStare Collector improperly handles the password hash data. An administrative user may obtain the other users' password hashes.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
2.7 LOW
NETWORK
LOW
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Affected Products (NVD)
VendorProductVersion
secuavaillogstare_collector
𝑥
< 2.4.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://jvn.jp/en/jp/JVN77560819/
https://www.logstare.com/vulnerability/2025-001/