CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-51308

In Gatling Enterprise versions below 1.25.0, a low-privileged user that does not hold the role "admin" could perform a REST API call on read-only endpoints, allowing him to collect some information, due to missing authorization checks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.7%

CVSS Severity

CVSS v3 Score 5.3

References

https://gatling.io/products
https://github.com/Flo354/vulnerabilities/blob/main/gatling-enterprise/CVE-2025-51308-broken-access-control.md
https://github.com/Flo354/vulnerabilities/tree/main/gatling-enterprise

Products affected by CVE-2025-51308

Gatling » Gatling » Version: Any

cpe:2.3:a:gatling:gatling:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-51308

Products

Pricing

Contact Us