{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-59787","assignerOrgId":"be69f613-e5f6-419b-800c-30351aa8933c","state":"PUBLISHED","assignerShortName":"2N","dateReserved":"2025-09-19T17:22:49.648Z","datePublished":"2026-03-04T15:31:59.211Z","dateUpdated":"2026-03-05T19:01:31.814Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","platforms":["Linux"],"product":"2N Access Commander","vendor":"2N Telekomunikace a.s.","versions":[{"lessThan":"3.5","status":"affected","version":"0","versionType":"Release"}]}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input and potential security or availability impacts.<p></p>"}],"value":"2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving malformed or manipulated requests, indicating improper handling of invalid input and potential security or availability impacts."}],"impacts":[{"capecId":"CAPEC-248","descriptions":[{"lang":"en","value":"CAPEC-248 – Command/Argument Injection via Malformed Input"}]},{"capecId":"CAPEC-153","descriptions":[{"lang":"en","value":"CAPEC-153 – Input Data Manipulation"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"LOW","attackRequirements":"NONE","attackVector":"NETWORK","baseScore":5.3,"baseSeverity":"MEDIUM","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"NONE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"NONE","vulnConfidentialityImpact":"LOW","vulnIntegrityImpact":"NONE","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-703","description":"CWE-703 – Improper Check or Handling of Exceptional Conditions","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"be69f613-e5f6-419b-800c-30351aa8933c","shortName":"2N","dateUpdated":"2026-03-04T15:31:59.211Z"},"references":[{"tags":["vendor-advisory"],"url":"https://www.2n.com/en-GB/download/cve_2025_59787_acom_3_5_v1pdf"}],"source":{"discovery":"UNKNOWN"},"title":"HTTP 5XX Internal Server Errors","x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-03-05T19:00:54.958469Z","id":"CVE-2025-59787","options":[{"Exploitation":"none"},{"Automatable":"yes"},{"Technical Impact":"partial"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-03-05T19:01:31.814Z"}}]}}