CVE-2025-30063 CRITICAL

CVE-2025-30063: Excessive permissions on configuration files containing database logins and passwords

Vendor Cgm
Product CGM CLININET
Weakness CWE-732
Published August 27, 2025
Last update August 27, 2025

CVSS base score

9.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

What the vulnerability does

01Description

The configuration file containing database logins and passwords is readable by any local user.

Key dates

02Disclosure timeline

August 27, 2025 CVE published
August 27, 2025 Record updated