CVE-2025-11959

{"id": "CVE-2025-11959", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "iletisim@usom.gov.tr", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.1, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.2, "exploitabilityScore": 2.8}]}, "published": "2025-11-11T15:15:35.550", "references": [{"url": "https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0388", "source": "iletisim@usom.gov.tr"}, {"url": "https://www.usom.gov.tr/bildirim/tr-25-0388", "source": "iletisim@usom.gov.tr"}], "vulnStatus": "Deferred", "weaknesses": [{"type": "Secondary", "source": "iletisim@usom.gov.tr", "description": [{"lang": "en", "value": "CWE-359"}, {"lang": "en", "value": "CWE-552"}]}], "descriptions": [{"lang": "en", "value": "Files or Directories Accessible to External Parties, Exposure of Private Personal Information to an Unauthorized Actor vulnerability in Premierturk Information Technologies Inc. Excavation Management Information System allows Footprinting, Functionality Misuse.\n\nThis issue affects Excavation Management Information System: before v.10.2025.01."}], "lastModified": "2026-06-04T20:16:56.293", "sourceIdentifier": "iletisim@usom.gov.tr"}