1. Home
  2. CVE Database
  3. CVE-2025-30235
LOW · 3.5

CVE-2025-30235

Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have had more than 10 failed authentication attempts, but instead allows hundreds of failed authentication a...

Vulnerability Description

Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have had more than 10 failed authentication attempts, but instead allows hundreds of failed authentication attempts, because concurrent attempts are mishandled.

CVSS Score

3.5

LOW

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:N
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality
NONE
Integrity
LOW
Availability
NONE

Related Weaknesses (CWE)

CWE-362

References

FAQ

What is CVE-2025-30235?

CVE-2025-30235 is a vulnerability with a CVSS score of 3.5 (LOW). Shearwater SecurEnvoy SecurAccess Enrol before 9.4.515 is intended to disable accounts that have had more than 10 failed authentication attempts, but instead allows hundreds of failed authentication a...

How severe is CVE-2025-30235?

CVE-2025-30235 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-30235?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.