VYPR
Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 2, 2025

Unauthorized access vulnerability in TCMAN GIM

CVE-2025-41012

Description

Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the 'pda:userId' and 'pda:newPassword' parameters with 'soapaction UnlockUser’ in '/WS/PDAWebService.asmx'.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • TCMAN/GIMllm-create2 versions
    = 20250304+ 1 more
    • (no CPE)range: = 20250304
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.