{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-26T01:20:40.811","vulnerabilities":[{"cve":{"id":"CVE-2025-59784","sourceIdentifier":"be69f613-e5f6-419b-800c-30351aa8933c","published":"2026-03-04T16:16:25.150","lastModified":"2026-06-17T09:46:42.723","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be included in the logs without prior validation or sanitisation.\nThis vulnerability can only be exploited after authenticating with administrator privileges."},{"lang":"es","value":"2N Access Commander versión 3.4.1 y anteriores es vulnerable a la contaminación de registros. Ciertos parámetros enviados a través de la API pueden ser incluidos en los registros sin validación o saneamiento previo. Esta vulnerabilidad solo puede ser explotada después de autenticarse con privilegios de administrador."}],"affected":[{"source":"be69f613-e5f6-419b-800c-30351aa8933c","affectedData":[{"vendor":"2N Telekomunikace a.s.","product":"2N Access Commander","defaultStatus":"unaffected","platforms":["Linux"],"versions":[{"version":"0","lessThan":"3.4.2","versionType":"Release","status":"affected"}]}]}],"metrics":{"cvssMetricV40":[{"source":"be69f613-e5f6-419b-800c-30351aa8933c","type":"Secondary","cvssData":{"version":"4.0","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X","baseScore":6.9,"baseSeverity":"MEDIUM","attackVector":"NETWORK","attackComplexity":"LOW","attackRequirements":"NONE","privilegesRequired":"NONE","userInteraction":"NONE","vulnConfidentialityImpact":"NONE","vulnIntegrityImpact":"LOW","vulnAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","subAvailabilityImpact":"NONE","exploitMaturity":"NOT_DEFINED","confidentialityRequirement":"NOT_DEFINED","integrityRequirement":"NOT_DEFINED","availabilityRequirement":"NOT_DEFINED","modifiedAttackVector":"NOT_DEFINED","modifiedAttackComplexity":"NOT_DEFINED","modifiedAttackRequirements":"NOT_DEFINED","modifiedPrivilegesRequired":"NOT_DEFINED","modifiedUserInteraction":"NOT_DEFINED","modifiedVulnConfidentialityImpact":"NOT_DEFINED","modifiedVulnIntegrityImpact":"NOT_DEFINED","modifiedVulnAvailabilityImpact":"NOT_DEFINED","modifiedSubConfidentialityImpact":"NOT_DEFINED","modifiedSubIntegrityImpact":"NOT_DEFINED","modifiedSubAvailabilityImpact":"NOT_DEFINED","Safety":"NOT_DEFINED","Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","valueDensity":"NOT_DEFINED","vulnerabilityResponseEffort":"NOT_DEFINED","providerUrgency":"NOT_DEFINED"}}],"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2026-03-04T16:16:38.878662Z","id":"CVE-2025-59784","options":[{"exploitation":"none"},{"automatable":"yes"},{"technicalImpact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"be69f613-e5f6-419b-800c-30351aa8933c","type":"Secondary","description":[{"lang":"en","value":"CWE-117"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:2n:access_commander:*:*:*:*:*:*:*:*","versionEndExcluding":"3.4.2","matchCriteriaId":"F348170B-06FB-4F85-9407-D156804DEFE6"}]}]}],"references":[{"url":"https://www.2n.com/en-GB/download/cve_2025_59784_acom_3_5_v1pdf","source":"be69f613-e5f6-419b-800c-30351aa8933c","tags":["Vendor Advisory"]}]}}]}