ByteOS Network

NVD Vulnerability Details :

CVE-2025-8517

Analyzed

Source-cna@vuldb.com

Published At-04 Aug, 2025 | 16:15

Updated At-27 Aug, 2025 | 16:23

A vulnerability was detected in givanz Vvveb 1.0.6.1. Impacted is an unknown function. The manipulation results in session fixiation. The attack can be launched remotely. The exploit is now public and may be used. Upgrading to version 1.0.7 is recommended to address this issue. The patch is identified as d4b1e030066417b77d15b4ac505eed5ae7bf2c5e. You should upgrade the affected component.

Date Added	Due Date	Vulnerability Name	Required Action
	N/A

Metrics

Type	Version	Base score	Base severity	Vector
Secondary	4.0	5.3	MEDIUM	CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary	3.1	6.3	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Secondary	2.0	6.5	MEDIUM	AV:N/AC:L/Au:S/C:P/I:P/A:P

Type: Secondary

Version: 4.0

Base score: 5.3

Base severity: MEDIUM

Vector:

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Type: Secondary

Version: 3.1

Base score: 6.3

Base severity: MEDIUM

Vector:

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Type: Secondary

Version: 2.0

Base score: 6.5

Base severity: MEDIUM

Vector:

AV:N/AC:L/Au:S/C:P/I:P/A:P

CPE Matches

vvveb>>vvveb>>Versions before 1.0.7(exclusive)

cpe:2.3:a:vvveb:vvveb:*:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-384	Secondary	cna@vuldb.com

CWE ID: CWE-384

Type: Secondary

Source: cna@vuldb.com

References

Hyperlink	Source	Resource
https://github.com/givanz/Vvveb/commit/d4b1e030066417b77d15b4ac505eed5ae7bf2c5e	cna@vuldb.com	Patch
https://github.com/givanz/Vvveb/issues/312	cna@vuldb.com	Exploit Issue Tracking Mitigation
https://github.com/givanz/Vvveb/issues/312#issuecomment-2977995664	cna@vuldb.com	Issue Tracking
https://github.com/givanz/Vvveb/releases/tag/1.0.7	cna@vuldb.com	Release Notes
https://github.com/kwerty138/Session-Fixation-in-Vvveb-CMS-v1.0.6.1	cna@vuldb.com	Exploit Mitigation
https://vuldb.com/?ctiid.318643	cna@vuldb.com	Permissions Required VDB Entry
https://vuldb.com/?id.318643	cna@vuldb.com	Third Party Advisory VDB Entry
https://vuldb.com/?submit.623135	cna@vuldb.com	Third Party Advisory VDB Entry
https://github.com/givanz/Vvveb/issues/312	134c704f-9b21-4f2e-91b3-4a467353bcc0	Exploit Issue Tracking Mitigation
https://github.com/helloandrewpaul/Session-Fixation-in-Vvveb-CMS-v1.0.6.1	134c704f-9b21-4f2e-91b3-4a467353bcc0	Exploit Mitigation