CVE Catalog

CVE-2025-14272

HighCVSS 8.3
Published: Updated: Translated: NVD NIST

Summary

A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including user/role management and other administrative actions.

Risk Assessment

The organization may be exposed to unauthorized access to administrative functions, potentially leading to serious security breaches and data loss.

Recommendation

It is recommended to review and enhance authorization mechanisms in API endpoints to prevent unauthorized operations.

Original NVD description (English source)

A security issue was identified in Pavilion due to improper authorization enforcement in API endpoints. This vulnerability can allow an unauthorized actor to execute privileged operations, including user/role management and other administrative actions.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS