Vulnerability Details CVE-2025-59683
Pexip Infinity 15.0 through 38.0 before 38.1 has Improper Access Control in the Secure Scheduler for Exchange service, when used with Office 365 Legacy Exchange Tokens. This allows a remote attacker to read potentially sensitive data and excessively consume resources, leading to a denial of service.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 34.1%
CVSS Severity
CVSS v3 Score 8.2
Products affected by CVE-2025-59683
-
cpe:2.3:a:pexip:pexip_infinity:15
-
cpe:2.3:a:pexip:pexip_infinity:15.1
-
cpe:2.3:a:pexip:pexip_infinity:16
-
cpe:2.3:a:pexip:pexip_infinity:16.1
-
cpe:2.3:a:pexip:pexip_infinity:16.2
-
cpe:2.3:a:pexip:pexip_infinity:17
-
cpe:2.3:a:pexip:pexip_infinity:17.1
-
cpe:2.3:a:pexip:pexip_infinity:17.2
-
cpe:2.3:a:pexip:pexip_infinity:17.3
-
cpe:2.3:a:pexip:pexip_infinity:18
-
cpe:2.3:a:pexip:pexip_infinity:19
-
cpe:2.3:a:pexip:pexip_infinity:20
-
cpe:2.3:a:pexip:pexip_infinity:20.1
-
cpe:2.3:a:pexip:pexip_infinity:21
-
cpe:2.3:a:pexip:pexip_infinity:21.1
-
cpe:2.3:a:pexip:pexip_infinity:21.2
-
cpe:2.3:a:pexip:pexip_infinity:22
-
cpe:2.3:a:pexip:pexip_infinity:22.1
-
cpe:2.3:a:pexip:pexip_infinity:22.2
-
cpe:2.3:a:pexip:pexip_infinity:22.3
-
cpe:2.3:a:pexip:pexip_infinity:23
-
cpe:2.3:a:pexip:pexip_infinity:23.1
-
cpe:2.3:a:pexip:pexip_infinity:23.2
-
cpe:2.3:a:pexip:pexip_infinity:23.3
-
cpe:2.3:a:pexip:pexip_infinity:23.4
-
cpe:2.3:a:pexip:pexip_infinity:24.1
-
cpe:2.3:a:pexip:pexip_infinity:25.0
-
cpe:2.3:a:pexip:pexip_infinity:25.3
-
cpe:2.3:a:pexip:pexip_infinity:25.4
-
cpe:2.3:a:pexip:pexip_infinity:26.0
-
cpe:2.3:a:pexip:pexip_infinity:26.1
-
cpe:2.3:a:pexip:pexip_infinity:26.2
-
cpe:2.3:a:pexip:pexip_infinity:27.0
-
cpe:2.3:a:pexip:pexip_infinity:27.1
-
cpe:2.3:a:pexip:pexip_infinity:27.2
-
cpe:2.3:a:pexip:pexip_infinity:27.3
-
cpe:2.3:a:pexip:pexip_infinity:28.0
-
cpe:2.3:a:pexip:pexip_infinity:28.1
-
cpe:2.3:a:pexip:pexip_infinity:29.0
-
cpe:2.3:a:pexip:pexip_infinity:29.1
-
cpe:2.3:a:pexip:pexip_infinity:30.0
-
cpe:2.3:a:pexip:pexip_infinity:30.1
-
cpe:2.3:a:pexip:pexip_infinity:31.2
-
cpe:2.3:a:pexip:pexip_infinity:32.0
-
cpe:2.3:a:pexip:pexip_infinity:33.0
-
cpe:2.3:a:pexip:pexip_infinity:34.0
-
cpe:2.3:a:pexip:pexip_infinity:34.1
-
cpe:2.3:a:pexip:pexip_infinity:34.2
-
cpe:2.3:a:pexip:pexip_infinity:35.0
-
cpe:2.3:a:pexip:pexip_infinity:35.1
-
cpe:2.3:a:pexip:pexip_infinity:36.0
-
cpe:2.3:a:pexip:pexip_infinity:36.1
-
cpe:2.3:a:pexip:pexip_infinity:36.2
-
cpe:2.3:a:pexip:pexip_infinity:37.0
-
cpe:2.3:a:pexip:pexip_infinity:37.1
-
cpe:2.3:a:pexip:pexip_infinity:37.2
-
cpe:2.3:a:pexip:pexip_infinity:38.0