Vulnerability Details CVE-2025-35115
Agiloft Release 28 downloads critical system packages over an insecure HTTP connection. An attacker in a Man-In-the-Middle position could replace or modify the contents of the download URL. Users should upgrade to Agiloft Release 30.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.4%
CVSS Severity
CVSS v3 Score 8.1
References