CVE-2025-64299 MEDIUM

CVE-2025-64299

Vendor Logstare Inc.
Product LogStare Collector (for Windows)
Weakness CWE-201
Published November 21, 2025
Last update November 21, 2025

CVSS base score

4.9/10
Attack vector Network
Attack complexity Low
Privileges required High
User interaction None
Confidentiality High
Integrity None

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

What the vulnerability does

01Description

LogStare Collector improperly handles the password hash data. An administrative user may obtain the other users' password hashes.

Key dates

02Disclosure timeline

November 21, 2025 CVE published
November 21, 2025 Record updated

Related vulnerabilities

04Related CVE