CVE-2025-50434

MEDIUM

Appian Enterprise Business Process Management <25.3 - Info Disclosure

Title source: llm

Description

A security issue has been identified in Appian Enterprise Business Process Management version 25.3. The vulnerability is related to incorrect access control, which under certain conditions could allow unauthorized access to information. NOTE: this has been disputed because the CVE Record information does not originate from the Supplier, and the report lacks specificity about why a problem exists, how the behavior could be reproduced, and whether any action could be taken to resolve the problem.

References (1)

Core 1

Core References

Various Sources

https://gist.github.com/Exploit097/11f87812186012efa3ffd9d1fec152ed

Scores

CVSS v3 5.3

EPSS 0.0022

EPSS Percentile 12.6%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-284

Status published

Published Aug 19, 2025

Tracked Since Feb 18, 2026