
CVE-2025-62244: CWE-639 Authorization Bypass Through User-Controlled Key in Liferay Portal

Severity: Medium
Tags: vulnerability, cve-2025-62244, cwe-639
Published: Mon Oct 13 2025 (10/13/2025, 16:53:35 UTC)
Source: CVE Database V5
Vendor/Project: Liferay
Product: Portal

Description

Insecure direct object reference (IDOR) vulnerability in Publications in Liferay Portal 7.3.1 through 7.4.3.111, and Liferay DXP 2023.Q4.0 through 2023.Q4.5, 2023.Q3.1 through 2023.Q3.8, and 7.4 GA through update 92, and 7.3 GA through update 36 allows remote authenticated attackers to view the edit page of a publication via the _com_liferay_change_tracking_web_portlet_PublicationsPortlet_ctCollectionId parameter.

AI-Powered Analysis

Last updated: 10/13/2025, 17:31:08 UTC

Technical Analysis

CVE-2025-62244 is an authorization bypass vulnerability classified under CWE-639 (Authorization Bypass Through User-Controlled Key) affecting Liferay Portal and Liferay DXP. The flaw exists in the Publications component of Liferay Portal versions 7.3.1 through 7.4.3.111 and several 2023 Q3 and Q4 releases of Liferay DXP. The vulnerability arises because the application improperly validates the user-controllable _com_liferay_change_tracking_web_portlet_PublicationsPortlet_ctCollectionId parameter, which identifies the change tracking collection associated with a publication. Due to insufficient authorization checks, an authenticated attacker can manipulate this parameter to gain unauthorized access to the edit page of publications they should not have permission to modify. This constitutes an insecure direct object reference (IDOR), allowing unauthorized viewing and potentially unauthorized editing of publication content. Exploitation requires the attacker to be authenticated and to interact with the application, but no elevated privileges or complex techniques are necessary.

The CVSS 4.0 vector indicates network attack vector (AV:N), low attack complexity (AC:L), low privileges required (PR:L), active user interaction required (UI:A), and limited impact on confidentiality (VC:L), with no impact on integrity or availability. No public exploits or active exploitation have been reported as of the publication date. The affected range, spanning Liferay Portal 7.3.1 through 7.4.3.111 and the Liferay DXP 2023 Q3 and Q4 releases, indicates broad exposure for organizations using these versions.

Potential Impact

For European organizations, the impact of CVE-2025-62244 primarily concerns unauthorized access to sensitive publication editing interfaces within Liferay Portal or DXP environments. This could lead to unauthorized disclosure of unpublished or internal content, potentially causing reputational damage or leakage of sensitive business information. Although the vulnerability does not directly affect data integrity or system availability, unauthorized access to editing pages could be leveraged in combination with other vulnerabilities or insider threats to escalate privileges or manipulate content. Organizations relying on Liferay Portal for content management, intranet portals, or customer-facing websites may face compliance risks under GDPR if sensitive personal data is exposed. The requirement for authentication limits exposure to internal or partner users, but phishing or credential compromise could increase risk. The medium severity rating suggests moderate risk, but the broad usage of Liferay Portal in European public and private sectors makes this a relevant threat. Without timely patching or mitigation, attackers with valid credentials could exploit this vulnerability to bypass authorization controls, undermining trust in content governance processes.

Mitigation Recommendations

To mitigate CVE-2025-62244, organizations should first verify if they are running affected versions of Liferay Portal or DXP and prioritize upgrading to patched versions once available. In the absence of official patches, implement strict access controls and monitoring around publication editing interfaces. Enforce the principle of least privilege by restricting user roles that can access the Publications portlet. Conduct thorough code reviews or configuration audits to ensure that authorization checks are properly enforced on the _com_liferay_change_tracking_web_portlet_PublicationsPortlet_ctCollectionId parameter and similar user-controlled inputs. Employ web application firewalls (WAFs) with custom rules to detect and block suspicious parameter tampering attempts. Enhance logging and alerting for access to publication edit pages, correlating with user authentication events to detect anomalous behavior. Educate users about phishing risks to reduce credential compromise likelihood. Finally, consider implementing multi-factor authentication (MFA) to strengthen authentication security, reducing the risk that attackers can exploit this vulnerability even if credentials are stolen.
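As an added defender-side example (not from the advisory and not Liferay code), the following Python detector implements the logging-and-alerting recommendation above: it flags authenticated users who request the Publications portlet with many distinct ctCollectionId values in a short window, the access pattern an IDOR probe against this parameter would leave. The access-log format, the portlet path and the sample users are constructed assumptions; only the parameter name comes from the advisory.

```python
"""Flag ctCollectionId probing against the Liferay Publications portlet (constructed example)."""
import re
from collections import defaultdict
from datetime import datetime
from urllib.parse import parse_qs, urlsplit

# Parameter name from the advisory; everything else here is a constructed assumption.
PARAM = "_com_liferay_change_tracking_web_portlet_PublicationsPortlet_ctCollectionId"
LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<user>\S+) (?P<method>[A-Z]+) (?P<url>\S+)$")

# Constructed access log: "<ISO timestamp> <user> <method> <path?query>".
# bob requests four different publications within a few seconds; alice does not.
SAMPLE_LOG = """\
2025-10-13T17:00:01Z alice GET /web/guest/publications?{p}=40101
2025-10-13T17:00:05Z bob GET /web/guest/publications?{p}=40101
2025-10-13T17:00:06Z bob GET /web/guest/publications?{p}=40102
2025-10-13T17:00:07Z bob GET /web/guest/publications?{p}=40103
2025-10-13T17:00:08Z bob GET /web/guest/publications?{p}=40104
2025-10-13T17:00:09Z alice GET /web/guest/publications?{p}=40101
""".format(p=PARAM)


def parse_events(log_text):
    """Return (timestamp, user, ctCollectionId) for every request that carries PARAM."""
    events = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines instead of aborting the whole batch
        qs = parse_qs(urlsplit(m["url"]).query)
        if PARAM not in qs:
            continue
        ts = datetime.fromisoformat(m["ts"].replace("Z", "+00:00"))
        events.append((ts, m["user"], qs[PARAM][0]))
    return events


def flag_enumeration(events, threshold=3, window_s=60):
    """Users who touched >= threshold distinct ctCollectionId values within window_s seconds."""
    by_user = defaultdict(list)
    for ts, user, ctid in sorted(events):
        by_user[user].append((ts, ctid))
    flagged = {}
    for user, hits in by_user.items():
        for i, (start, _) in enumerate(hits):
            seen = {c for t, c in hits[i:] if (t - start).total_seconds() <= window_s}
            if len(seen) >= threshold:
                flagged[user] = sorted(seen)
                break  # one alert per user is enough for triage
    return flagged


if __name__ == "__main__":
    for user, ids in flag_enumeration(parse_events(SAMPLE_LOG)).items():
        print(f"ALERT: {user} requested {len(ids)} distinct publications: {ids}")
```

Tune the threshold and window to the normal editing behaviour of your own users, and correlate alerts with the authentication events for the flagged account as the text above suggests.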


Technical Details

Data Version: 5.1
Assigner Short Name: Liferay
Date Reserved: 2025-10-09T20:58:49.217Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68ed375065e259ed7ed7d000

Added to database: 10/13/2025, 5:30:56 PM

Last enriched: 10/13/2025, 5:31:08 PM

Last updated: 10/13/2025, 8:12:45 PM

