CVE-2025-11242

{"id": "CVE-2025-11242", "cveTags": [{"tags": ["exclusively-hosted-service"], "sourceIdentifier": "iletisim@usom.gov.tr"}], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2025-11242", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "yes"}, {"technicalImpact": "total"}], "version": "2.0.3", "timestamp": "2026-02-10T15:31:43.475021Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "iletisim@usom.gov.tr", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "affected": [{"source": "iletisim@usom.gov.tr", "affectedData": [{"vendor": "Teknolist Computer Systems Software Publishing Industry and Trade Inc.", "product": "Okulistik", "versions": [{"status": "affected", "version": "0", "versionType": "custom", "lessThanOrEqual": "21102025"}], "defaultStatus": "unaffected"}]}], "published": "2026-02-10T09:16:09.200", "references": [{"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0048", "source": "iletisim@usom.gov.tr"}, {"url": "https://www.usom.gov.tr/bildirim/tr-26-0048", "source": "iletisim@usom.gov.tr"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "iletisim@usom.gov.tr", "description": [{"lang": "en", "value": "CWE-918"}]}], "descriptions": [{"lang": "en", "value": "Server-Side Request Forgery (SSRF) vulnerability in Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik allows Server Side Request Forgery.\n\nThis issue affects Okulistik: through 21102025."}, {"lang": "es", "value": "Vulnerabilidad de falsificaci\u00f3n de petici\u00f3n del lado del servidor (SSRF) en Teknolist Computer Systems Software Publishing Industry and Trade Inc. Okulistik permite la falsificaci\u00f3n de petici\u00f3n del lado del servidor. Este problema afecta a Okulistik: hasta el 21102025."}], "lastModified": "2026-06-17T08:29:56.373", "sourceIdentifier": "iletisim@usom.gov.tr"}