CVE-2025-15621

Vulnerability Description

Insufficiently Protected Credentials in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client does not verify the receiver of OAuth2 credentials during OpenID authentication

Related Weaknesses (CWE)

CWE-522

References

https://sparxsystems.com/products/ea/17.1/history.html

FAQ

What is CVE-2025-15621?

CVE-2025-15621 is a documented vulnerability. Insufficiently Protected Credentials in Sparx Systems Pty Ltd. Sparx Enterprise Architect. Client does not verify the receiver of OAuth2 credentials during OpenID authentication

How severe is CVE-2025-15621?

CVSS scoring is not yet available for CVE-2025-15621. Check NVD for updates.

Is there a patch for CVE-2025-15621?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.