Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
Sparx Pro Cloud Server Leaks Passwords to Unauthorized Users
CVE-2025-15623
Summary
If you use Sparx Pro Cloud Server, a lack of proper authentication allows anyone to access your database password, potentially giving them control over your system. This is a serious concern because it allows unauthorized access to sensitive information. You should update to the latest version to fix this issue.
Original title
Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Clo...
Original description
Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server.
Unauthenticated user can retrieve database password in plaintext in certain situations
Unauthenticated user can retrieve database password in plaintext in certain situations
nvd CVSS4.0
9.3
Vulnerability type
CWE-359
CWE-497
Published: 17 Apr 2026 · Updated: 17 Apr 2026 · First seen: 17 Apr 2026