CVE-2025-3177
Severity CVSS v4.0:
LOW
Type:
Unavailable / Other
Publication date:
03/04/2025
Last modified:
08/04/2025
Description
A vulnerability was found in FastCMS 0.1.5. It has been declared as critical. This vulnerability affects unknown code of the component JWT Handler. The manipulation leads to use of hard-coded cryptographic key<br />
. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.
Impact
Base Score 4.0
2.30
Severity 4.0
LOW
Base Score 3.x
5.00
Severity 3.x
MEDIUM
Base Score 2.0
4.60
Severity 2.0
MEDIUM
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:fastcms_project:fastcms:0.1.5:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page