CVE-2025-48927TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability

PUBLISHEDvulnerability record
2025-07-01 · last modified July 1, 2025

Metadata

CVE ID:
CVE-2025-48927
项目:
TeleMessage
产品:
TM SGNL
添加日期:
2025-07-01
到期日:
2025-07-22
最后更新:
July 1, 2025

漏洞名称

TeleMessage TM SGNL Initialization of a Resource with an Insecure Default Vulnerability

描述

TeleMessage TM SGNL contains an initialization of a resource with an insecure default vulnerability. This vulnerability relies on how the Spring Boot Actuator is configured with an exposed heap dump endpoint at a /heapdump URI.

已知用于勒索软件活动吗?

勒索软件状态:
Unknown

采集行动

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

其他说明

相关新闻文章

相关 CWE