CVE-2025-23408

CWE-5213 documents3 sources
Severity
8.5HIGH
EPSS
0.2%
top 61.96%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Apache FineractApache Software Foundation Apache Fineract
Timeline
PublishedDec 12

Description

Weak Password Requirements vulnerability in Apache Fineract. This issue affects Apache Fineract: through 1.10.1. The issue is fixed in version 1.11.0. Users are encouraged to upgrade to version 1.13.0, the latest release.

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:H

Affected Packages2 packages

NVDapache/fineract< 1.11.0

🔴Vulnerability Details

2
GHSA
GHSA-6jvx-rr4c-j9j5: Weak Password Requirements vulnerability in Apache Fineract2025-12-12
CVEList
Apache Fineract: weak password policy2025-12-12
CVE-2025-23408 (HIGH CVSS 8.5) | Weak Password Requirements vulnerab | cvebase.io