Security Vulnerability Report
CVE-2025-14811 CVSS 3.1 LOW

CVE-2025-14811

Published: 2026-03-13 19:53:50
Last Modified: 2026-04-02 12:16:20

Description

IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information that the product sends in the query string of an HTTP GET request; because the sensitive values travel in the GET query string, they could be captured using man-in-the-middle techniques.

CVSS Details

CVSS Score: 3.1
Severity: LOW
CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Weakness: CWE-598 (Use of GET Request Method With Sensitive Query Strings)

Note: the 3.1 / LOW figure is the vendor-supplied (Secondary) metric. The raw record below also carries an NVD Primary metric, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N, with a base score of 5.9 (MEDIUM), which assumes no privileges are required and rates the confidentiality impact as HIGH.

Configurations (Affected Products)

cpe:2.3:a:ibm:sterling_partner_engagement_manager:*:*:*:*:essentials:*:*:* - VULNERABLE (versions from 6.2.3 up to, but excluding, 6.2.3.6)
cpe:2.3:a:ibm:sterling_partner_engagement_manager:*:*:*:*:standard:*:*:* - VULNERABLE (versions from 6.2.3 up to, but excluding, 6.2.3.6)
cpe:2.3:a:ibm:sterling_partner_engagement_manager:*:*:*:*:essentials:*:*:* - VULNERABLE (versions from 6.2.4 up to, but excluding, 6.2.4.3)
cpe:2.3:a:ibm:sterling_partner_engagement_manager:*:*:*:*:standard:*:*:* - VULNERABLE (versions from 6.2.4 up to, but excluding, 6.2.4.3)

Affected releases, as named by the vendor:
IBM Sterling Partner Engagement Manager 6.2.3.0 - 6.2.3.5
IBM Sterling Partner Engagement Manager 6.2.4.0 - 6.2.4.2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
```python
# CVE-2025-14811 PoC - Information Disclosure via HTTP GET Query String
# This PoC demonstrates how an attacker could intercept sensitive information
# from HTTP GET requests when a MITM attack is successful.
#
# Note: this script never contacts the target. It only parses the URL given on
# the command line and flags query-string parameter names that look sensitive,
# i.e. values that would be visible to anyone in a position to read the request.
import sys
from urllib.parse import parse_qs, urlparse


def test_cve_2025_14811(target_url):
    """
    Simulate the information disclosure vulnerability in IBM Sterling PEM.
    Note: This is for authorized security testing only.
    """
    print(f"[*] Testing target: {target_url}")
    print("[*] CVE-2025-14811: Sensitive info in query string")

    # Simulated sensitive parameter names that might be exposed.
    # "token" is included so that the usage example below ("?token=...") is flagged.
    sensitive_params = [
        "auth_token",
        "token",
        "session_id",
        "user_id",
        "api_key",
        "password",
        "credential",
    ]

    parsed = urlparse(target_url)
    query_params = parse_qs(parsed.query)

    print("\n[+] Analyzing query string parameters...")
    exposed_sensitive = []
    for param_name in query_params:
        # Substring match on the lower-cased parameter name
        if any(sensitive in param_name.lower() for sensitive in sensitive_params):
            exposed_sensitive.append(param_name)
            print(f"[!] WARNING: Potentially sensitive parameter found: {param_name}")

    if exposed_sensitive:
        print(f"\n[+] CONFIRMED: {len(exposed_sensitive)} sensitive parameter(s) in query string")
        print("[+] These parameters could be captured via MITM attack")
        return True

    print("[-] No obviously sensitive parameters detected")
    return False


def simulate_mitm_capture(url):
    """
    Simulate what an attacker would capture during a MITM attack.
    """
    print("\n[*] Simulating MITM capture...")
    print(f"[*] Intercepted request URL: {url}")
    print("[*] Query string could contain: credentials, tokens, session IDs")
    print("[*] Recommendation: Use POST requests with encrypted body for sensitive data")


if __name__ == "__main__":
    if len(sys.argv) > 1:
        target = sys.argv[1]
        test_cve_2025_14811(target)
        simulate_mitm_capture(target)
    else:
        print("Usage: python cve_2025_14811_poc.py <target_url>")
        print("Example: python cve_2025_14811_poc.py 'https://example.com/api?token=secret123'")
```

References

https://www.ibm.com/support/pages/node/7263391 (Vendor Advisory)
Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-14811",
    "sourceIdentifier": "[email protected]",
    "published": "2026-03-13T19:53:50.353",
    "lastModified": "2026-04-02T12:16:19.517",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "IBM Sterling Partner Engagement Manager 6.2.3.0 through 6.2.3.5 and 6.2.4.0 through 6.2.4.2 could allow an attacker to obtain sensitive information from the query string of an HTTP GET method to process a request which could be obtained using man in the middle techniques."
      },
      {
        "lang": "es",
        "value": "IBM Sterling Partner Engagement Manager 6.2.3.0 a 6.2.3.5 y 6.2.4.0 a 6.2.4.2 podría permitir a un atacante obtener información sensible de la cadena de consulta de un método GET HTTP para procesar una solicitud que podría obtenerse utilizando técnicas de man-in-the-middle."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "attackVector": "NETWORK",
            "attackComplexity": "HIGH",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 1.6,
          "impactScore": 1.4
        },
        {
          "source": "[email protected]",
          "type": "Primary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "attackVector": "NETWORK",
            "attackComplexity": "HIGH",
            "privilegesRequired": "NONE",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 2.2,
          "impactScore": 3.6
        }
      ]
    },
    "weaknesses": [
      {
        "source": "[email protected]",
        "type": "Primary",
        "description": [{"lang": "en", "value": "CWE-598"}]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:ibm:sterling_partner_engagement_manager:*:*:*:*:essentials:*:*:*",
                "versionStartIncluding": "6.2.3",
                "versionEndExcluding": "6.2.3.6",
                "matchCriteriaId": "687DC91A-7A4C-4FF2-8E23-65C8CDC5F52D"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:ibm:sterling_partner_engagement_manager:*:*:*:*:standard:*:*:*",
                "versionStartIncluding": "6.2.3",
                "versionEndExcluding": "6.2.3.6",
                "matchCriteriaId": "7D427503-5EF4-485A-8073-C6C0B5723C2A"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:ibm:sterling_partner_engagement_manager:*:*:*:*:essentials:*:*:*",
                "versionStartIncluding": "6.2.4",
                "versionEndExcluding": "6.2.4.3",
                "matchCriteriaId": "AB87CB0E-55B9-4C72-A592-C7E162A10C63"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:ibm:sterling_partner_engagement_manager:*:*:*:*:standard:*:*:*",
                "versionStartIncluding": "6.2.4",
                "versionEndExcluding": "6.2.4.3",
                "matchCriteriaId": "C07A609D-EF2B-423D-8006-B75E33C858D8"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://www.ibm.com/support/pages/node/7263391",
        "source": "[email protected]",
        "tags": ["Vendor Advisory"]
      }
    ]
  }
}
```