CVE-2025-11580

5.3 MEDIUM

📋 TL;DR

PowerJob versions up to 5.1.2 have a missing authorization vulnerability in the /user/list endpoint that allows unauthorized access to user information. This affects all PowerJob deployments using vulnerable versions. Attackers can remotely exploit this to view sensitive user data without proper authentication.

💻 Affected Systems

Products:
  • PowerJob
Versions: Up to and including 5.1.2
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All deployments with the vulnerable endpoint exposed are affected regardless of configuration.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers gain unauthorized access to all user information including potentially sensitive account details, leading to data breach and privilege escalation opportunities.

🟠 Likely Case

Unauthorized users access user lists containing usernames, roles, and potentially other account metadata, enabling reconnaissance for further attacks.

🟢 If Mitigated

With proper network segmentation and access controls, impact is limited to unauthorized data viewing within the application scope.

🌐 Internet-Facing: HIGH - The vulnerability is remotely exploitable and public exploit details are available, making internet-facing instances prime targets.
🏢 Internal Only: MEDIUM - Internal attackers or compromised internal systems could exploit this to gather user information for lateral movement.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit details are publicly available in GitHub issues, making exploitation straightforward for attackers with basic knowledge.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 5.1.3 or later

Vendor Advisory: https://github.com/PowerJob/PowerJob/issues/1127

Restart Required: Yes

Instructions:

1. Upgrade PowerJob to version 5.1.3 or later.
2. Restart the PowerJob service.
3. Verify the /user/list endpoint now requires proper authorization.

🔧 Temporary Workarounds

Network Access Restriction
Operating Systems: all

Restrict network access to PowerJob endpoints using firewall rules or network segmentation.

Reverse Proxy Authentication
Operating Systems: all

Implement authentication at the reverse proxy level before requests reach PowerJob.

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach PowerJob endpoints
  • Monitor access logs for unauthorized requests to the /user/list endpoint

🔍 How to Verify

Check if Vulnerable:

Check whether the PowerJob version is 5.1.2 or earlier, and test whether the /user/list endpoint returns data without proper authentication.

Check Version:

Check PowerJob application logs or configuration files for version information

Verify Fix Applied:

After upgrading, verify that the /user/list endpoint requires authentication and returns an appropriate error for unauthorized requests.

📡 Detection & Monitoring

Log Indicators:

  • Unauthorized access attempts to the /user/list endpoint
  • Multiple failed authentication attempts followed by a successful /user/list access

Network Indicators:

  • Unusual traffic patterns to the /user/list endpoint from unexpected sources

SIEM Query:

source="powerjob" AND (uri_path="/user/list" AND response_code=200) AND NOT (user_authenticated=true)
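
The same condition as the SIEM query, combined with the "unexpected sources" network indicator and applied to raw access logs. This is an added example, not part of the original advisory or of PowerJob's code. It assumes a reverse proxy in front of PowerJob that writes combined-format access logs; the trusted network range and the sample log lines are constructed for illustration.

```python
import re
from ipaddress import ip_address, ip_network
# Assumption: a reverse proxy in front of PowerJob writes "combined" format
# access logs, with remote_user set to "-" for unauthenticated callers.
LINE_RE = re.compile(
    r'(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<target>\S+) [^"]*" (?P<status>\d{3}) ')
TRUSTED = [ip_network("10.20.0.0/24")]  # hypothetical admin network
WATCHED_PATH = "/user/list"


def normalize_path(target):
    """Drop the query string, collapse repeated slashes, strip a trailing slash."""
    return re.sub(r"/{2,}", "/", target.split("?", 1)[0]).rstrip("/") or "/"


def is_trusted(ip):
    try:
        return any(ip_address(ip) in net for net in TRUSTED)
    except ValueError:
        return False  # unparseable source address: treat as untrusted


def suspicious_hits(lines):
    """Return (timestamp, ip, reason) for /user/list reads that need review."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if (not m or m["status"] != "200"
                or normalize_path(m["target"]) != WATCHED_PATH):
            continue  # only successful /user/list responses returned user data
        reasons = []
        if m["user"] == "-":
            reasons.append("no authenticated user")
        if not is_trusted(m["ip"]):
            reasons.append("source outside trusted range")
        if reasons:
            findings.append((m["ts"], m["ip"], ", ".join(reasons)))
    return findings


SAMPLE = [  # constructed log lines, not real traffic
    '10.20.0.15 - alice [12/Oct/2025:09:01:11 +0000] "GET /user/list HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [12/Oct/2025:09:02:40 +0000] "GET /user/list HTTP/1.1" 200 498 "-" "curl/8.4.0"',
    '203.0.113.7 - - [12/Oct/2025:09:02:41 +0000] "GET /user/list HTTP/1.1" 403 0 "-" "curl/8.4.0"',
    '10.20.0.22 - - [12/Oct/2025:09:05:02 +0000] "GET //user/list/?x=1 HTTP/1.1" 200 498 "-" "python-requests/2.31"',
]

if __name__ == "__main__":
    print(*suspicious_hits(SAMPLE), sep="\n")
```

Path normalization matters here because a literal match on `/user/list` would miss variants such as `//user/list/?x=1` that a backend may route to the same handler.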
