📦 Secure Access
by Absolute
🔍 What is Secure Access?
Description coming soon...
🛡️ Security Overview
Click on a severity to filter vulnerabilities
⚠️ Known Vulnerabilities
CVE-2025-49084 allows attackers with administrative access to the Absolute Secure Access management console to overwrite policy rules without proper authorization. This affects organizations using Abs...
CVE-2026-0517 is a denial-of-service vulnerability in Secure Access Server where an attacker can crash the server by sending a specially crafted packet. This affects all systems running Secure Access ...
CVE-2025-59595 is a denial of service vulnerability in Secure Access versions before 14.12 where an attacker can send a specially crafted packet to crash the server. This affects organizations running...
CVE-2025-49083 is a deserialization vulnerability in Absolute Secure Access management console that allows authenticated administrators to execute arbitrary code in the console's security context. Thi...
CVE-2026-0518 is a cross-site scripting vulnerability in Absolute Secure Access versions prior to 14.20 that allows an attacker with administrative privileges to inject malicious scripts into the admi...
CVE-2025-54088 is an open-redirect vulnerability in Secure Access software that allows attackers with console access to redirect victims to malicious URLs. This affects organizations using Secure Acce...
An insufficient input validation vulnerability in Absolute Secure Access warehouse component allows attackers with system administrator permissions to write invalid data over the network, causing deni...
CVE-2025-27702 is a privilege escalation vulnerability in Absolute Secure Access management console where administrators with specific permissions can bypass those permissions to modify settings they ...
This cross-site scripting vulnerability in Absolute Secure Access's policy management UI allows authenticated attackers to craft malicious links that, when clicked by victim administrators, can manipu...
This cross-site scripting vulnerability in Absolute Secure Access management UI allows attackers with administrator permissions to inject malicious scripts that execute when other administrators view ...
This is a stored cross-site scripting (XSS) vulnerability in Absolute Secure Access management UI that allows authenticated system administrators to inject malicious scripts. When exploited, it can in...
This cross-site scripting vulnerability in Absolute Secure Access allows attackers with system administrator permissions to inject malicious scripts into the policy management UI. This can interfere w...
This vulnerability allows attackers with system administrator permissions to impair the availability of certain elements of the Secure Access administrative UI by writing invalid data to the warehouse...
Secure Access versions 12.70 through 14.20 may write unredacted authentication tokens to logs under certain configurations. Attackers with access to these logs could steal tokens and impersonate legit...