Security Advisory

CVE-2025-41015

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-02 13:18:25

Last updated 2025-12-02 14:23:47

Assigner INCIBE

State PUBLISHED

Description

User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system. The vulnerability is exploitable through the pda:username parameter with soapaction GetUserQuestionAndAnswer in /WS/PDAWebService.asmx.

← Browse all CVEs View on cve.org ↗