How severe is CVE-2025-10223?

CVE-2025-10223 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2025-10223

Name: axxon_one
Author: axxonsoft

5.4MEDIUM

Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One (C-Werk) prior to 2.0.3 on Windows allows a local or remote authenticated attacker to retain access with removed

Published: 9/10/2025Updated: 10/8/2025

Description

Insufficient Session Expiration (CWE-613) in the Web Admin Panel in AxxonSoft Axxon One (C-Werk) prior to 2.0.3 on Windows allows a local or remote authenticated attacker to retain access with removed privileges via continued use of an unexpired session token until natural expiration.

AI AnalysisPowered by AI

Affected Products

axxonsoftaxxon_one

References

https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories
Vendor Advisory