Ghostwire

CVE-2025-15623: Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an...

MEDIUM CVSS 0.0 Exploit Available

Published: April 17, 2026 | Last Modified: April 17, 2026

Description

Exposure of Private Personal Information to an Unauthorized Actor, : Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Sparx Systems Pty Ltd. Sparx Pro Cloud Server. Unauthenticated user can retrieve database password in plaintext in certain situations

Ghostwire Analysis — What This Means Practically

Exploit code is reported to be available, increasing the likelihood of active exploitation.

This analysis is generated by Ghostwire from NVD, CISA KEV, EPSS, and open-source intelligence data. Verify findings through primary sources before acting.

References

sparxsystems.com/products/procloudserver/6.1/history.html
www.tenable.com/cve/CVE-2025-15623
www.cnnvd.org.cn/home/globalSearch?keyword=CVE-2025-15623