CVE-2025-24527 – Akamai Enterprise Application Access (EAA) Authentication Bypass Vulnerability
The following table lists the changes that have been made to the CVE-2025-24527 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability’s severity, exploitability, or other characteristics.
-
New CVE Received by [email protected]
Jan. 29, 2025
Action Type Old Value New Value Added Description An issue was discovered in Akamai Enterprise Application Access (EAA) before 2025-01-17. If an admin knows another tenant’s 128-bit connector GUID, they can execute debug commands on that connector. Added CVSS V3.1 AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H Added CWE CWE-732 Added Reference https://techdocs.akamai.com/eaa/changelog Added Reference https://techdocs.akamai.com/eaa/changelog/january-29-2024