CVE Catalog

CVE-2025-60534

CriticalCVSS 9.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.65%

47th percentile - higher than 47% of all known CVEs

Summary

Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an attacker to selectively proxy requests in order to operate functionality on the web application without the need to authenticate with legitimate credentials.

Risk Assessment

The risk involves unauthorized access to application functions, potentially leading to data confidentiality and integrity breaches, as well as system takeover.

Recommendation

Immediately update Blue Access Cobalt to the latest patched version, and implement additional authentication mechanisms and network traffic monitoring.

Original NVD description (English source)

Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an attacker to selectively proxy requests in order to operate functionality on the web application without the need to authenticate with legitimate credentials.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS