CVE-2025-46690 — MEDIUM (5.0)

Vulnerability Description

Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request.

CVSS Score

5.0

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Ververica	Ververica Platform	2.14.0

Related Weaknesses (CWE)

CWE-425

References

https://github.com/gozan10/cve/issues/18ExploitIssue Tracking
https://github.com/ververica/ververica-platform-playgroundProduct
https://www.ververica.comProduct
https://github.com/gozan10/cve/issues/18ExploitIssue Tracking

FAQ

What is CVE-2025-46690?

CVE-2025-46690 is a vulnerability with a CVSS score of 5.0 (MEDIUM). Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request.

How severe is CVE-2025-46690?

CVE-2025-46690 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-46690?

Check the references section above for vendor advisories and patch information. Affected products include: Ververica Ververica Platform.