Browse all 9 CVE security advisories affecting Control iD. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Control iD provides identity and access management solutions for enterprise environments. Historically, their products have been vulnerable to classes including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The company has recorded 9 CVEs to date, with several critical flaws allowing unauthorized system access. Notable security characteristics include authentication bypass weaknesses in their web interfaces and insufficient input validation in API endpoints. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in access control components suggests potential risks in deployment environments requiring strict privilege management.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-2125 | Control iD RH iD PDF Document companyId resource injection — RH iDCWE-99 | 4.3 | Medium | 2025-03-09 |
| CVE-2025-2124 | Control iD RH iD API change_password cross site scripting — RH iDCWE-79 | 3.5 | Low | 2025-03-09 |
| CVE-2023-6329 | Control iD iDSecure passwordCustom Authentication Bypass — iDSecureCWE-287 | 9.8 | Critical | 2023-11-27 |
| CVE-2023-4392 | Control iD Gerencia Web Cookie cleartext storage — Gerencia WebCWE-312 | 3.7 | Low | 2023-08-17 |
| CVE-2023-2524 | Control iD RHiD direct request — RHiDCWE-425 | 6.3 | Medium | 2023-05-04 |
| CVE-2023-2421 | Control iD RHiD department cross site scripting — RHiDCWE-79 | 3.5 | Low | 2023-04-29 |
| CVE-2023-2044 | Control iD iDSecure Dispositivos Page cross site scripting — iDSecureCWE-79 | 3.5 | Low | 2023-04-14 |
| CVE-2023-2043 | Control iD RHiD Edit a sql injection — RHiDCWE-89 | 6.3 | Medium | 2023-04-14 |
| CVE-2023-0125 | Control iD Gerencia Web Web Interface cross site scripting — Gerencia WebCWE-79 | 2.4 | Low | 2023-01-09 |
This page lists every published CVE security advisory associated with Control iD. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.