CNNVD-202508-3256 Information

CNNVD ID

CNNVD-202508-3256

Related CVE

CVE-2025-30039

• CNNVD Published: 2025-08-27

Description (Chinese)

CGM CLININET是德国CGM公司的一款医院信息管理系统。 CGM CLININET存在访问控制错误漏洞，该漏洞源于未经验证可访问GetActiveSessions.pl端点，可能导致会话接管。

Description (English)

CGM CLIINNET is a hospital information management system operated by the German company CGM. CGM CLIINNET has a bug in access control, which stems from unverifiable access to the GetActiveSsessions.pl endpoint, which may lead to a session taking over.

Hazard Level

Medium

Vulnerability Type

访问控制错误

Affected Vendor

CGM

Published

2025-08-27

Last Modified

2026-02-24

References

https://cert.pl/en/posts/2025/08/CVE-2025-2313/ https://nvd.nist.gov/vuln/detail/CVE-2025-30039