{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-29T20:28:52.726","vulnerabilities":[{"cve":{"id":"CVE-2025-4377","sourceIdentifier":"db4dfee8-a97e-4877-bfae-eba6d14a2166","published":"2025-05-09T06:15:38.027","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Improper Limitation of a Pathname caused a Path Traversal vulnerability in Sparx Systems Pro Cloud Server.\n\nThis vulnerability is present in logview.php and it allows reading arbitrary files on the filesystem. \n\nLogview is accessible on Pro Cloud Server Configuration interface. \n\n\nThis issue affects Pro Cloud Server: earlier than 6.0.165."},{"lang":"es","value":"La limitación incorrecta de un nombre de ruta provocó una vulnerabilidad de Path Traversal en Sparx Systems Pro Cloud Server. Esta vulnerabilidad está presente en logview.php y permite leer archivos arbitrarios en el sistema de archivos. Se puede acceder a Logview desde la interfaz de configuración de Pro Cloud Server. Este problema afecta a Pro Cloud Server: versiones anteriores a la 6.0.165."}],"metrics":{"cvssMetricV40":[{"source":"db4dfee8-a97e-4877-bfae-eba6d14a2166","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:L/VA:L/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"HIGH","userInteraction":"NONE","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"LOW","subConfidentialityImpact":"HIGH","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}]},"weaknesses":[{"source":"db4dfee8-a97e-4877-bfae-eba6d14a2166","type":"Secondary","description":[{"lang":"en","value":"CWE-20"},{"lang":"en","value":"CWE-22"}]}],"references":[{"url":"https://sparxsystems.com/products/procloudserver/6.1/","source":"db4dfee8-a97e-4877-bfae-eba6d14a2166"}]}}]}