{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-67805", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-01T15:57:39.349Z", "dateReserved": "2025-12-12T00:00:00.000Z", "datePublished": "2026-04-01T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-01T15:06:52.033Z"}, "descriptions": [{"lang": "en", "value": "A non-default configuration in Sage DPW 2025_06_004 allows unauthenticated access to diagnostic endpoints within the Database Monitor feature, exposing sensitive information such as hashes and table names. This feature is disabled by default in all installations and never available in Sage DPW Cloud. It was forcibly disabled again in version 2025_06_003."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://www.sagedpw.at/"}, {"url": "https://pastebin.com/Tk4LgMG2"}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AC:H/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N", "attackVector": "NETWORK", "attackComplexity": "HIGH", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T15:56:53.576693Z", "id": "CVE-2025-67805", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T15:57:39.349Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-67805", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T15:56:53.576693Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T15:57:33.979Z"}}], "cna": {"metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.9, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AC:H/AV:N/A:N/C:H/I:N/PR:N/S:U/UI:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://www.sagedpw.at/"}, {"url": "https://pastebin.com/Tk4LgMG2"}], "descriptions": [{"lang": "en", "value": "A non-default configuration in Sage DPW 2025_06_004 allows unauthenticated access to diagnostic endpoints within the Database Monitor feature, exposing sensitive information such as hashes and table names. This feature is disabled by default in all installations and never available in Sage DPW Cloud. It was forcibly disabled again in version 2025_06_003."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-01T15:06:52.033Z"}}}, "cveMetadata": {"cveId": "CVE-2025-67805", "state": "PUBLISHED", "dateUpdated": "2026-04-01T15:57:39.349Z", "dateReserved": "2025-12-12T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-01T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A non-default configuration in Sage DPW 2025_06_004 allows unauthenticated access to diagnostic endpoints within the Database Monitor feature, exposing sensitive information such as hashes and table names. This feature is disabled by default in all installations and never available in Sage DPW Cloud. It was forcibly disabled again in version 2025_06_003."}], "id": "CVE-2025-67805", "lastModified": "2026-04-03T16:11:11.357", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "cve@mitre.org", "type": "Secondary"}]}, "published": "2026-04-01T16:23:48.177", "references": [{"source": "cve@mitre.org", "url": "https://pastebin.com/Tk4LgMG2"}, {"source": "cve@mitre.org", "url": "https://www.sagedpw.at/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Awaiting Analysis"}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[2025_06_004,2025_06_004]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "dpw", "vendor": "sage"}], "analysis": {"en": {"generated_at": "2026-04-02T03:51:28.998654+00:00", "value": {"mitigation_remediation": ["Apply the 2025_06_003 configuration or upgrade to a later release where the Database Monitor diagnostic endpoints are removed or permanently disabled.", "If upgrading is not feasible, manually disable or restrict access to the diagnostic endpoints through application-level or network configuration changes.", "Ensure the default disabled state remains by enforcing the 2025_06_003 configuration on existing installations.", "Restrict network access to the host running Sage DPW to trusted IP ranges via firewall or host-based rules.", "Monitor system logs for unexpected access attempts and review stored credentials for anomalies."], "summary": {"action": "Update or Disable", "impact": "Information Exposure via Unauthenticated Access"}, "threat_synthesis": {"affected_systems": "Only installations of Sage DPW version 2025_06_004 are affected, because the Database Monitor diagnostic interface is enabled in this build. The feature is disabled by default in all installations and is removed in the preceding build 2025_06_003, and it is never available in Sage DPW Cloud. Vendors are not identified in the attribution data.", "description_and_impact": "The vulnerability permits an attacker to reach diagnostic endpoints without authentication, exposing data such as password hashes and database table names. This results in a confidentiality compromise. The weakness appears to be an improper configuration that allows information exposure and improper access control, as reflected by the inferred CWEs CWE\u2011200 and CWE\u2011284.", "risk_and_exploitability": "The CVSS base score of 5.9 indicates moderate severity. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting limited evidence of active exploitation. The likely attack vector is a remote network connection to the unprotected diagnostic endpoints; no privilege elevation or additional setup is described. Because the exposed data is sensitive, the risk remains non-trivial and warrants timely remediation."}}}}, "created": "2026-04-02T07:51:31.250352+00:00", "title": "Unauthenticated Access to Diagnostic Endpoints in Sage DPW", "updated": "2026-04-02T20:09:55.408123+00:00", "vendors": ["sage", "sage$PRODUCT$dpw"], "weaknesses": ["CWE-200", "CWE-284"]}