What is CVE-2025-23172?

CVE-2025-23172 is a high-severity vulnerability in Versa Director. CVSS score: 7.2/10. Published 2025-06-18.

How severe is CVE-2025-23172?

High severity. CVSS v3 base score is 7.2 out of 10.

Vulnerability in Versa Director

CVE-2025-23172

The Versa Director SD-WAN orchestration platform includes a Webhook feature for sending notifications to external HTTP endpoints. However, the "Add Webhook" and "Test Webhook" functionalities can be abused by an authenticated user to send…

EPSS: 0.011 (78.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H.

Affected products

Versa Director — versions 21.2.2, 21.2.3, 22.1.1

References

security-portal.versa-networks.com/emailbulletins/68526e7bdc94d6b9f2faf71b
support.versa-networks.com/support/solutions/articles/23000026708-release-22-1-4
support.versa-networks.com/support/solutions/articles/23000026033-release-22-1-3
support.versa-networks.com/support/solutions/articles/23000025680-release-22-1-2
support.versa-networks.com/support/solutions/articles/23000024323-release-21-2-3

Frequently asked questions

What is CVE-2025-23172?: CVE-2025-23172 is a high-severity vulnerability in Versa Director. CVSS score: 7.2/10. Published 2025-06-18.
How severe is CVE-2025-23172?: High severity. CVSS v3 base score is 7.2 out of 10.