CVE-2025-56467

{"id": "CVE-2025-56467", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.8}]}, "published": "2025-09-12T17:15:47.757", "references": [{"url": "http://axis.com", "source": "cve@mitre.org"}, {"url": "https://github.com/dewcode91/security-research/blob/main/CVE-2025-56467.md", "source": "cve@mitre.org"}, {"url": "https://github.com/dewcode91/security-research/blob/main/CVE-2025-56467.mdhttps://github.com/dewcode91/security-research/blob/main/CVE-2025-56467.md", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Received", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in AXIS BANK LIMITED Axis Mobile App 9.9 allowing attackers to gain sensitive information without UPI PIN such as account information, balances, transaction history, and other unspecified information."}], "lastModified": "2025-09-12T18:15:34.697", "sourceIdentifier": "cve@mitre.org"}