2025-12-02 13:12:43
INCIBE
PUBLISHED
Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the pda:userId and pda:newPassword parameters with soapaction UnlockUser’ in /WS/PDAWebService.asmx.