CVE-2025-40664

Missing authentication vulnerability in TCMAN GIM v11. This allows an unauthenticated attacker to access the resources /frmGestionUser.aspx/GetData, /frmGestionUser.aspx/updateUser and /frmGestionUser.aspx/DeleteUser.

CVSS

No CVSS.

References

Link	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcman-gim-0

Configurations

No configuration.

History

26 May 2025, 13:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-26 13:15

Updated : 2025-05-26 13:15

NVD link : CVE-2025-40664

Mitre link : CVE-2025-40664

JSON object : View

Products Affected

No product.

CWE

CWE-306

Missing Authentication for Critical Function

JSON object

Attach tags to CVE-2025-40664

Attach tags to `CVE-2025-40664`