Security Advisory

CVE-2025-61940

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-02 21:07:47

Last updated 2025-12-09 17:03:27

Assigner icscert

State PUBLISHED

Description

NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User access in the client application is restricted by a password authentication check in the client software but the underlying database connection always has access. The latest version of NMIS/BioDose introduces an option to use Windows user authentication with the database, which would restrict this database connection.

← Browse all CVEs View on cve.org ↗