CVE-2025-65073 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
mitre	CNA	7.5 HIGH				CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:H/A:N
CISA-ADP	ADP	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 11%

Ubuntu Releases

Ubuntu Product

Codename

keystone

questing	Fixed 2:28.0.0-0ubuntu1.1 released
plucky	Fixed 2:27.0.0-0ubuntu1.1 released
noble	Fixed 2:25.0.0-0ubuntu1.1 released
jammy	Fixed 2:21.0.1-0ubuntu2.1 released
focal	ignored
bionic	ignored
xenial	ignored

swift

questing	Fixed 2.36.0-0ubuntu1.1 released
plucky	Fixed 2.35.0-0ubuntu1.1 released
noble	Fixed 2.33.0-0ubuntu1.1 released
jammy	Fixed 2.29.2-0ubuntu1.1 released
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

heat

questing	needs-triage
plucky	needs-triage
noble	needs-triage
jammy	needs-triage
focal	needs-triage
bionic	needs-triage
xenial	needs-triage

Common Weakness Enumeration

CWE-863 - Incorrect Authorization
The software performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. This allows attackers to bypass intended access restrictions.

References

https://www.openwall.com/lists/oss-security/2025/11/04/2

http://www.openwall.com/lists/oss-security/2025/11/17/6