VYPR
Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 2, 2025

User Enumeration vulnerability in TCMAN GIM

CVE-2025-41014

Description

User Enumeration Vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system. The vulnerability is exploitable through the 'pda:username' parameter with 'soapaction GetLastDatePasswordChange' in '/WS/PDAWebService.asmx'.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • TCMAN/GIMllm-fuzzy2 versions
    = v11 (20250304)+ 1 more
    • (no CPE)range: = v11 (20250304)
    • (no CPE)range: 0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.