How severe is CVE-2025-10224?

CVE-2025-10224 has a CVSS v3 score of 5.4 (MEDIUM).

CVE-2025-10224

Name: axxon_one
Author: axxonsoft

5.4MEDIUM

Improper Authentication (CWE-287) in the LDAP authentication engine in AxxonSoft Axxon One (C-Werk) 2.0.2 and earlier on Windows allows a remote authenticated user to be denied access or misassigned r

Опубликовано: 9/10/2025Обновлено: 10/8/2025

Описание

Improper Authentication (CWE-287) in the LDAP authentication engine in AxxonSoft Axxon One (C-Werk) 2.0.2 and earlier on Windows allows a remote authenticated user to be denied access or misassigned roles via incorrect evaluation of nested LDAP group memberships during login.

ИИ-АнализНа базе ИИ

Затронутые продукты

axxonsoftaxxon_one

Ссылки

https://www.axxonsoft.com/legal/axxonsoft-vulnerability-disclosure-policy/security-advisories
Vendor Advisory