CNNVD-202511-1410 Information

Nov 12, 2025 cve

CNNVD ID

CNNVD-202511-1410

CVE-2025-9316

CNNVD Published: 2025-11-12

Description (Chinese)

N-able N-central是加拿大N-able公司的一个 RMM 平台。为成熟的 MSP 和 IT 专业人员提供了大规模管理、自动化和编排功能。 N-able N-central 2025.4之前版本存在安全漏洞，该漏洞源于为未验证用户生成会话ID。

Description (English)

N-able N-central is a RMM platform for N-ables Canada. Large-scale management, automation and organization functions are provided to mature MSP and IT professionals. There was a security loophole in the pre-N-able N-central 2025.4 version, which originated from the generation of session ID for unverified users.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

N-able

Published

2025-11-12

Last Modified

2026-02-24

References

https://me.n-able.com/s/security-advisory/aArVy0000000rdpKAA/cve20259316-ncentral-unauthenticated-sessionid-generation

Patch

https://me.n-able.com/s/security-advisory/aArVy0000000rdpKAA/cve20259316-ncentral-unauthenticated-sessionid-generation

Share on: