CVE-2025-60534
CriticalCVSS 9.8Exploitation Probability (EPSS)
Low risk47th percentile - higher than 47% of all known CVEs
Summary
Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an attacker to selectively proxy requests in order to operate functionality on the web application without the need to authenticate with legitimate credentials.
Risk Assessment
The risk involves unauthorized access to application functions, potentially leading to data confidentiality and integrity breaches, as well as system takeover.
Recommendation
Immediately update Blue Access Cobalt to the latest patched version, and implement additional authentication mechanisms and network traffic monitoring.
Original NVD description (English source)
Blue Access Cobalt v02.000.195 suffers from an authentication bypass vulnerability, which allows an attacker to selectively proxy requests in order to operate functionality on the web application without the need to authenticate with legitimate credentials.

