CVE-2025-31362

low

Description

Use of hard-coded cryptographic key issue exists in BizRobo! all versions. Credentials inside robot files may be obtained if the encryption key is available. The vendor provides the workaround information and recommends to apply it to the deployment environment.

References

https://knowledge.bizrobo.com/hc/ja/articles/39953373809305

https://knowledge.bizrobo.com/hc/ja/articles/39952052043289

https://knowledge.bizrobo.com/hc/ja/articles/39951710517145

https://knowledge.bizrobo.com/hc/ja/articles/360029772271

https://jvn.jp/en/jp/JVN30641875/

Details

Source: Mitre, NVD

Published: 2025-04-11

Updated: 2025-04-11

Risk Information

CVSS v2

Base Score: 2.6

Vector: CVSS2#AV:N/AC:H/Au:N/C:P/I:N/A:N

Severity: Low

CVSS v3

Base Score: 3.7

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Severity: Low

EPSS

EPSS: 0.0002