Question 1

What is CVE-2025-2311 — CVE-2025-2311?

Accepted Answer

Incorrect Use of Privileged APIs, Cleartext Transmission of Sensitive Information, Insufficiently Protected Credentials vulnerability in Sechard Information Technologies SecHard allows Authentication Bypass, Interface Manipulation, Authentication Abuse, Harvesting Information via API Event Monitorin…

Question 2

What is the authoritative source for CVE-2025-2311?

Accepted Answer

CVE-2025-2311 (CVE-2025-2311) is catalogued in NVD + CISA KEV + FIRST EPSS and curated for EU compliance use cases by SQUR.

Question 3

How severe is CVE-2025-2311?

Accepted Answer

CVE-2025-2311 carries a CRITICAL CVSS 9.0 severity rating.

CVSS 3.1	9.0 (CRITICAL)
Vector	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
EPSS	0.16% probability of exploitation · percentile 5.7% · 2026-06-18T12:00:27Z
Published	2025-03-20
Last modified	2026-06-06

Type	Target	Confidence	Tier
Weakness	Cleartext Transmission of Sensitive Informationcwe-319	0%	live
Weakness	Insufficiently Protected Credentialscwe-522	0%	live
Weakness	Incorrect Use of Privileged APIscwe-648	0%	live

CVE-2025-2311CVE-2025-2311

Description

Scoring

Underlying weaknesses· 3

References

3

Related by meaning· 6