CVE-2025-4762 LOW

CVE-2025-4762: Insecure Direct Object Reference (IDOR) vulnerability in eSignaViewer

Weakness CWE-20 · Input validation

Published May 15, 2025

Last update May 15, 2025

View on NVD All CVEs

CVSS base score

2.0/10

Attack vector Network

Attack complexity High

Privileges required Low

User interaction —

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:L/UI:A/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

What the vulnerability does

01Description

Insecure Direct Object Reference (IDOR) vulnerability in the eSignaViewer component in eSigna product versions 1.0 to 1.5 on all platforms allow an unauthenticated attacker to access arbitrary files in the document system via manipulation of file paths and object identifiers.

Key dates

02Disclosure timeline

May 15, 2025 CVE published

May 15, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-4762 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

CVE-2025-4762: Insecure Direct Object Reference (IDOR) vulnerability in eSignaViewer

01Description

02Disclosure timeline

03References

04Related CVE