Vulnerability Details CVE-2025-69614
Incorrect Access Control via activation token reuse on the password-reset endpoint allowing unauthorized password resets and full account takeover. Affected Product: Deutsche Telekom AG Telekom Account Management Portal, versions before 2025-10-27, fixed 2025-10-31.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.3%
CVSS Severity
CVSS v3 Score 9.4
References
Products affected by CVE-2025-69614
-
cpe:2.3:a:telekom:account_management_portal:*