Sparx Systems Enterprise Architect OpenID OAuth2 Credential Verification Vulnerability

Vulnerability

A vulnerability exists in Sparx Systems Enterprise Architect that stems from insufficient protection of credentials during OpenID authentication. The client fails to verify the recipient of OAuth2 credentials, potentially allowing unauthorized access or actions.

Impact

Exploitation of this vulnerability could lead to unauthorized access or actions by allowing an attacker to bypass OpenID authentication verification.

Added: Apr 16, 2026, 1:22 PM

Updated: Apr 16, 2026, 1:22 PM

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

4.7

remediation

0.0

relevance

6.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

4.2

impact

2.5

exploitability

4.7

remediation

0.0

relevance

6.0

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Sparx Systems Enterprise Architect OpenID OAuth2 Credential Verification Vulnerability

Vulnerability

Impact

Affected Products

Sparx Systems Sparx Enterprise Architect

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating