CVE-2025-4210

High PUBLISHED

Casdoor SCIM User Creation Endpoint scim.go HandleScim authorization

Casdoor · Casdoor

Not yet in CISA KEV

Exploited in the wild PoC available

Recommended Action

Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.

Confidence
High
Exploitation Status
Exploited in the wild
Observed in Sensors
No
Attempts (30d)
Unique Attacker IPs
CISA KEV
Not yet in CISA KEV
CVSS / EPSS
6.9 Medium

At a Glance

A vulnerability classified as critical was found in Casdoor up to 1.811.0. This vulnerability affects the function HandleScim of the file controllers/scim.go of the component SCIM User Creation Endpoint. The manipulation leads to authorization bypass. The attack can be initiated remotely. Upgrading to version 1.812.0 is able to address this issue. The name of the patch is 3d12ac8dc2282369296c3386815c00a06c6a92fe. It is recommended to upgrade the affected component. In Casdoor bis 1.811.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Es geht um die Funktion HandleScim der Datei controllers/scim.go der Komponente SCIM User Creation Endpoint. Mittels dem Manipulieren mit unbekannten Daten kann eine authorization bypass-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Ein Aktualisieren auf die Version 1.812.0 vermag dieses Problem zu lösen. Der Patch wird als 3d12ac8dc2282369296c3386815c00a06c6a92fe bezeichnet. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen.

nuclei_scanner
CVE Published
May 02, 2025
Exploitation Reported
May 02, 2025
CVSS
6.9 Medium
EPSS
Remote Low complexity No user interaction Unauthenticated

Affected Versions

Vendor Product Version Status
n/a
Casdoor

1.811

Affected

CVE References

Recommended Actions

  • Prioritize remediation. Validate affected assets and apply vendor fixes on an accelerated timeline.
  • Check enrichment artifacts for scanner coverage and available PoCs before rolling remediation validation.
  • Use the Pro API to automate enrichment, telemetry, and workflow delivery for VM, SOC, and CTI pipelines.