EUVD-2025-17457
ID: EUVD-2025-17457
Severity: high
CVSS v4: 7.1 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N)
CVSS v3: Not provided
CWE: None listed
Source: ENISA
Description
Incorrect authorization vulnerability in TCMAN's GIM v11. This vulnerability allows an unprivileged attacker to modify the permissions held by each of the application's users, including the user himself by sending a POST request to /PC/Options.aspx?Command=2&Page=-1.
Timestamps
- Normalized:
- Last updated:
References
No references provided.