Security Advisory

CVE-2025-41012

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-02 13:12:43

Last updated 2025-12-02 13:25:47

Assigner INCIBE

State PUBLISHED

Description

Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the pda:userId and pda:newPassword parameters with soapaction UnlockUser’ in /WS/PDAWebService.asmx.

← Browse all CVEs View on cve.org ↗