{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-48738", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2025-05-23T21:20:50.611Z", "dateReserved": "2025-05-23T00:00:00.000Z", "datePublished": "2025-05-23T00:00:00.000Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "TheHive", "vendor": "StrangeBee", "versions": [{"lessThan": "5.2.16", "status": "affected", "version": "5.2.0", "versionType": "semver"}, {"lessThan": "5.3.11", "status": "affected", "version": "5.3.0", "versionType": "semver"}, {"lessThan": "5.4.10", "status": "affected", "version": "5.4.0", "versionType": "semver"}, {"lessThan": "5.5.1", "status": "affected", "version": "5.5.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "value": "An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows unauthenticated remote attackers to use the password reset feature without limits. This can lead to several consequences, including mailbox storage exhaustion for targeted users, reputation damage to the SMTP server, potentially causing it to be blacklisted, and overload of the SMTP server's outbound mail queue."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-05-23T20:08:28.538Z"}, "references": [{"url": "https://github.com/StrangeBeeCorp/Security/blob/main/Security%20advisories/SB-SEC-ADV-2025-003.md"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:L"}}], "cpeApplicability": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:strangebee:thehive:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.2.0", "versionEndExcluding": "5.2.16"}, {"vulnerable": true, "criteria": "cpe:2.3:a:strangebee:thehive:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.3.0", "versionEndExcluding": "5.3.11"}, {"vulnerable": true, "criteria": "cpe:2.3:a:strangebee:thehive:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.4.0", "versionEndExcluding": "5.4.10"}, {"vulnerable": true, "criteria": "cpe:2.3:a:strangebee:thehive:*:*:*:*:*:*:*:*", "versionStartIncluding": "5.5.0", "versionEndExcluding": "5.5.1"}]}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-23T21:20:39.244235Z", "id": "CVE-2025-48738", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-23T21:20:50.611Z"}}]}, "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-48738", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-23T21:20:39.244235Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-23T21:20:46.822Z"}}], "cna": {"metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 6.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:L"}}], "affected": [{"vendor": "StrangeBee", "product": "TheHive", "versions": [{"status": "affected", "version": "5.2.0", "lessThan": "5.2.16", "versionType": "semver"}, {"status": "affected", "version": "5.3.0", "lessThan": "5.3.11", "versionType": "semver"}, {"status": "affected", "version": "5.4.0", "lessThan": "5.4.10", "versionType": "semver"}, {"status": "affected", "version": "5.5.0", "lessThan": "5.5.1", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://github.com/StrangeBeeCorp/Security/blob/main/Security%20advisories/SB-SEC-ADV-2025-003.md"}], "x_generator": {"engine": "enrichogram 0.0.1"}, "descriptions": [{"lang": "en", "value": "An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows unauthenticated remote attackers to use the password reset feature without limits. This can lead to several consequences, including mailbox storage exhaustion for targeted users, reputation damage to the SMTP server, potentially causing it to be blacklisted, and overload of the SMTP server's outbound mail queue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-770", "description": "CWE-770 Allocation of Resources Without Limits or Throttling"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:strangebee:thehive:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.2.16", "versionStartIncluding": "5.2.0"}, {"criteria": "cpe:2.3:a:strangebee:thehive:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.3.11", "versionStartIncluding": "5.3.0"}, {"criteria": "cpe:2.3:a:strangebee:thehive:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.4.10", "versionStartIncluding": "5.4.0"}, {"criteria": "cpe:2.3:a:strangebee:thehive:*:*:*:*:*:*:*:*", "vulnerable": true, "versionEndExcluding": "5.5.1", "versionStartIncluding": "5.5.0"}], "operator": "OR"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2025-05-23T20:08:28.538Z"}}}, "cveMetadata": {"cveId": "CVE-2025-48738", "state": "PUBLISHED", "dateUpdated": "2025-05-23T21:20:50.611Z", "dateReserved": "2025-05-23T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2025-05-23T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "An e-mail flooding vulnerability in StrangeBee TheHive 5.2.0 before 5.2.16, 5.3.0 before 5.3.11, 5.4.0 before 5.4.10, and 5.5.0 before 5.5.1 allows unauthenticated remote attackers to use the password reset feature without limits. This can lead to several consequences, including mailbox storage exhaustion for targeted users, reputation damage to the SMTP server, potentially causing it to be blacklisted, and overload of the SMTP server's outbound mail queue."}, {"lang": "es", "value": "Una vulnerabilidad de inundaci\u00f3n de correo electr\u00f3nico en StrangeBee TheHive 5.2.0 (anterior a la 5.2.16), 5.3.0 (anterior a la 5.3.11), 5.4.0 (anterior a la 5.4.10) y 5.5.0 (anterior a la 5.5.1) permite a atacantes remotos no autenticados usar la funci\u00f3n de restablecimiento de contrase\u00f1a sin restricciones. Esto puede tener varias consecuencias, como el agotamiento del almacenamiento del buz\u00f3n de los usuarios objetivo, la p\u00e9rdida de reputaci\u00f3n del servidor SMTP (que podr\u00eda provocar su inclusi\u00f3n en la lista negra) y la sobrecarga de la cola de correo saliente del servidor SMTP."}], "id": "CVE-2025-48738", "lastModified": "2025-05-28T14:58:52.920", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 6.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "LOW", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2025-05-23T20:15:25.210", "references": [{"source": "cve@mitre.org", "url": "https://github.com/StrangeBeeCorp/Security/blob/main/Security%20advisories/SB-SEC-ADV-2025-003.md"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-770"}], "source": "cve@mitre.org", "type": "Primary"}]}

{}