CNNVD-202510-1077 Information
Oct 07, 2025
cve
CNNVD ID
CNNVD-202510-1077
Related CVE
- CNNVD Published: 2025-10-07
Description (Chinese)
BBMRI-ERIC Negotiator是奥地利BBMRI-ERIC公司的一个生物样本库访问工具。 BBMRI-ERIC Negotiator v3.15.2版本存在安全漏洞,该漏洞源于对userID参数操作不当,可能导致不安全的直接对象引用攻击。
Description (English)
BBMRI-ERIC Negotiator is a biological sample bank access tool for the Austrian company BBMRI-ERIC. Version BBMRI-ERIC Negotiator v3.15.2 contains a security loophole, which stems from the improper operation of the userID parameters and may lead to unsafe direct object reference attacks.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
BBMRI-ERIC
Published
2025-10-07
Last Modified
2026-02-24
References
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-bbmri-eric-negotiator
Patch
https://github.com/BBMRI-ERIC/negotiator/releases
Share on: