CVE-2025-64299

LOW

LogStare Collector - Info Disclosure

Title source: llm

Description

LogStare Collector improperly handles the password hash data. An administrative user may obtain the other users' password hashes.

References (2)

Scores

CVSS v3 2.7
EPSS 0.0004
EPSS Percentile 12.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Classification

CWE
CWE-201
Status published

Affected Products (1)

secuavail/logstare_collector < 2.4.2

Timeline

Published Nov 21, 2025
Tracked Since Feb 18, 2026