← Voltar para CVEs
CVE-2025-11843
N/ADescricao
Therefore Corporation GmbH has recently become aware that Therefore™ Online and Therefore™ On-Premises contain an account impersonation vulnerability. A malicious user may potentially be able to impersonate the web service account or the account of a service using the API when connecting to the Therefore™ Server. If the malicious user gains this impersonation user access, then it is possible for them to access the documents stored in Therefore™. This impersonation is at application level (Therefore access level), not the operating system level.
Detalhes CVE
Pontuacao CVSS v3.1N/A
Publicado10/31/2025
Ultima modificacao11/4/2025
Fontenvd
Avistamentos honeypot0
Fraquezas (CWE)
CWE-290
Referencias
https://www.canon-europe.com/psirt/advisory-information/(4586e0a2-224d-4f8a-9cb4-8882b208c0b3)
Correlacoes IOC
Sem correlacoes registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.