GET

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

GET /api/vulnerabilities/353539?format=api
HTTP 200 OK
Allow: GET, HEAD, OPTIONS
Content-Type: application/json
Vary: Accept

{
    "url": "http://public2.vulnerablecode.io/api/vulnerabilities/353539?format=api",
    "vulnerability_id": "VCID-j6ta-ru9d-nbd3",
    "summary": "Optigo Networks Visual BACnet Capture Tool and Optigo Visual Networks Capture Tool version 3.1.2rc11 contain an exposed web management service that could allow an attacker to bypass authentication measures and gain controls over utilities within the products.",
    "aliases": [
        {
            "alias": "CVE-2025-2080"
        }
    ],
    "fixed_packages": [],
    "affected_packages": [],
    "references": [
        {
            "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2080",
            "reference_id": "",
            "reference_type": "",
            "scores": [
                {
                    "value": "0.00043",
                    "scoring_system": "epss",
                    "scoring_elements": "0.13761",
                    "published_at": "2026-06-06T12:55:00Z"
                },
                {
                    "value": "0.00043",
                    "scoring_system": "epss",
                    "scoring_elements": "0.13637",
                    "published_at": "2026-06-08T12:55:00Z"
                },
                {
                    "value": "0.00043",
                    "scoring_system": "epss",
                    "scoring_elements": "0.13667",
                    "published_at": "2026-06-09T12:55:00Z"
                },
                {
                    "value": "0.00043",
                    "scoring_system": "epss",
                    "scoring_elements": "0.13758",
                    "published_at": "2026-06-05T12:55:00Z"
                },
                {
                    "value": "0.00043",
                    "scoring_system": "epss",
                    "scoring_elements": "0.13722",
                    "published_at": "2026-06-07T12:55:00Z"
                }
            ],
            "url": "https://api.first.org/data/v1/epss?cve=CVE-2025-2080"
        },
        {
            "reference_url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-070-02",
            "reference_id": "icsa-25-070-02",
            "reference_type": "",
            "scores": [
                {
                    "value": "9.3",
                    "scoring_system": "cvssv4",
                    "scoring_elements": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"
                },
                {
                    "value": "Track",
                    "scoring_system": "ssvc",
                    "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-03-13T18:46:34Z/"
                }
            ],
            "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-070-02"
        }
    ],
    "weaknesses": [
        {
            "cwe_id": 288,
            "name": "Authentication Bypass Using an Alternate Path or Channel",
            "description": "A product requires authentication, but the product has an alternate path or channel that does not require authentication."
        }
    ],
    "exploits": [],
    "severity_range_score": "9.3 - 9.3",
    "exploitability": null,
    "weighted_severity": null,
    "risk_score": null,
    "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-j6ta-ru9d-nbd3"
}