How severe is CVE-2025-59363?

CVE-2025-59363 has a CVSS v3 score of 7.7 (HIGH).

CVE-2025-59363

7.7HIGH

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),

Veröffentlicht: 9/14/2025Aktualisiert: 9/15/2025

Beschreibung

In One Identity OneLogin before 2025.3.0, a request returns the OIDC client secret with GET Apps API v2 (even though this secret should only be returned when an App is first created),

KI-AnalyseKI-gestützt

Referenzen

https://onelogin.service-now.com/support?id=kb_article&sys_id=b0aad1e11bd3ea109a47ec29b04bcb72&kb_category=a0d76d70db185340d5505eea4b96199f