← Back to CVEs
CVE-2025-11843
N/ADescription
Therefore Corporation GmbH has recently become aware that Therefore™ Online and Therefore™ On-Premises contain an account impersonation vulnerability. A malicious user may potentially be able to impersonate the web service account or the account of a service using the API when connecting to the Therefore™ Server. If the malicious user gains this impersonation user access, then it is possible for them to access the documents stored in Therefore™. This impersonation is at application level (Therefore access level), not the operating system level.
CVE Details
CVSS v3.1 ScoreN/A
Published10/31/2025
Last Modified11/4/2025
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-290
References
https://www.canon-europe.com/psirt/advisory-information/(4586e0a2-224d-4f8a-9cb4-8882b208c0b3)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.