CVE-2025-54087 — LOW (2.6) — White Hats Nepal

Q: How severe is CVE-2025-54087?

CVE-2025-54087 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-54087?

Check the references section above for vendor advisories and patch information. Affected products include: Absolute Secure Access.

Vulnerability Description

CVE-2025-54087 is a server-side request forgery vulnerability in Secure Access prior to version 14.10. Attackers with administrative privileges can publish a crafted test HTTP request originating from the Secure Access server. The attack complexity is high, there are no attack requirements, and user interaction is required. There is no direct impact to confidentiality, integrity, or availability. There is a low severity subsequent system impact to integrity.

CVSS Score

2.6

LOW

CVSS:3.1/AV:N/AC:H/PR:H/UI:R/S:C/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Absolute	Secure Access	< 14.10

Related Weaknesses (CWE)

CWE-918

References

https://www.absolute.com/platform/security-information/vulnerability-archive/cveVendor Advisory

FAQ

What is CVE-2025-54087?

CVE-2025-54087 is a vulnerability with a CVSS score of 2.6 (LOW). CVE-2025-54087 is a server-side request forgery vulnerability in Secure Access prior to version 14.10. Attackers with administrative privileges can publish a crafted test HTTP request originating from...

How severe is CVE-2025-54087?

CVE-2025-54087 has been rated LOW with a CVSS base score of 2.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-54087?

Check the references section above for vendor advisories and patch information. Affected products include: Absolute Secure Access.