CNNVD-202508-3483 Information
CNNVD ID
CNNVD-202508-3483
Related CVE
- CNNVD Published: 2025-08-29
Description (Chinese)
Centurion ERP是No Fuss Computing开源的一个管理系统。 Centurion ERP 1.12.0至1.21.0之前版本存在授权问题漏洞,该漏洞源于认证令牌查看不当,可能导致信息泄露。
Description (English)
Central ERP is a management system for No Fuss Company. There was a delegation of authority gap in previous versions of the Centre ERP 1.12.0 to 1.21.0, which stemmed from improper access to authentication tokens, which could lead to the disclosure of information.
Hazard Level
Critical
Vulnerability Type
授权问题
Affected Vendor
No Fuss Computing
Published
2025-08-29
Last Modified
2026-02-24
References
https://github.com/nofusscomputing/centurion_erp/security/advisories/GHSA-x75j-cm35-5qcg https://github.com/nofusscomputing/centurion_erp/pull/974 https://github.com/nofusscomputing/centurion_erp/commit/332eb1075ad828e5c4c24caeaf5605259eb7ce34 https://access.redhat.com/security/cve/cve-2025-58156 https://nvd.nist.gov/vuln/detail/CVE-2025-58156
Patch
https://github.com/nofusscomputing/centurion_erp/releases
Share on: