← Volver a CVEs
CVE-2025-11843
N/ADescripcion
Therefore Corporation GmbH has recently become aware that Therefore™ Online and Therefore™ On-Premises contain an account impersonation vulnerability. A malicious user may potentially be able to impersonate the web service account or the account of a service using the API when connecting to the Therefore™ Server. If the malicious user gains this impersonation user access, then it is possible for them to access the documents stored in Therefore™. This impersonation is at application level (Therefore access level), not the operating system level.
Detalles CVE
Puntuacion CVSS v3.1N/A
Publicado10/31/2025
Ultima modificacion11/4/2025
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-290
Referencias
https://www.canon-europe.com/psirt/advisory-information/(4586e0a2-224d-4f8a-9cb4-8882b208c0b3)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.