How severe is CVE-2025-10223?

CVE-2025-10223 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2025-10223

Name: axxon_one
Author: axxonsoft

5.4MEDIUM

Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One (C-Werk) prior to 2.0.3 on Windows allows a local or remote authenticated attacker to retain access with removed

Veröffentlicht: 9/10/2025Aktualisiert: 10/8/2025

Beschreibung

Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One (C-Werk) prior to 2.0.3 on Windows allows a local or remote authenticated attacker to retain access with removed privileges via continued use of an unexpired session token until natural expiration.

KI-AnalyseKI-gestützt

Betroffene Produkte

axxonsoftaxxon_one

Referenzen

https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories
Vendor Advisory