A low-privileged remote attacker can obtain the username of another registered Sunny Portal user by entering that user's email address.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://certvde.com/en/advisories/VDE-2025-050 |
![]() ![]() |
History
Tue, 19 Aug 2025 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 19 Aug 2025 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A low-privileged remote attacker can obtain the username of another registered Sunny Portal user by entering that user's email address. | |
Title | SMA: Sunny Portal limited disclosure of personal data of registered users to an authenticated user | |
Weaknesses | CWE-359 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: CERTVDE
Published: 2025-08-19T08:10:05.103Z
Updated: 2025-08-19T13:19:34.567Z
Reserved: 2025-04-16T11:17:48.309Z
Link: CVE-2025-41685

Updated: 2025-08-19T13:19:31.602Z

Status : Awaiting Analysis
Published: 2025-08-19T09:15:31.250
Modified: 2025-08-19T13:42:47.510
Link: CVE-2025-41685

No data.