CVE-2025-22895 MEDIUM

CVE-2025-22895

Vendor N/A

Product Edge Orchestrator software for Intel(R) Tiber™ Edge Platform

Weakness CWE-200 · Info exposure

Published May 13, 2025

Last update May 14, 2025

View on NVD All CVEs

CVSS base score

5.5/10

Attack vector Local

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality High

Integrity None

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

Exposure of sensitive information to an unauthorized actor for some Edge Orchestrator software for Intel(R) Tiber™ Edge Platform may allow an authenticated user to potentially enable information disclosure via local access.

Key dates

02Disclosure timeline

May 13, 2025 CVE published

May 14, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-22895 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/200.html

Related vulnerabilities

04Related CVE

CVE-2026-42907 Windows Shell Information Disclosure Vulnerability CVE-2026-0717 LottieFiles – Lottie block for Gutenberg <= 3.0.0 - Unauthenticated Sensitive Information Exposure CVE-2026-27796 Homarr: Unauthenticated Information Disclosure (Integration Metadata Leak) CVE-2025-13006 SurveyFunnel – Survey Plugin for WordPress <= 1.1.5 - Unauthenticated Information Exposure CVE-2025-30474 Apache Commons VFS: Failing to find an FTP file can reveal the URI's password in an error message

Identifiers

CVE CVE-2025-22895

CWE CWE-200

CVSS 5.5 / MEDIUM

Affected versions

Vendor N/A

Product Edge Orchestrator software for Intel(R) Tiber™ Edge Platform

Affected See references