CNNVD-202511-1512 Information

CNNVD ID

CNNVD-202511-1512

Related CVE

CVE-2025-12871

• CNNVD Published: 2025-11-12

Description (Chinese)

aEnrich a+HRD是中国育碁（aEnrich）公司的一个全方位人力资源开发化解决方案。 aEnrich a+HRD存在安全漏洞，该漏洞源于身份验证滥用，可能导致未经验证的远程攻击者伪造管理员访问令牌并提升权限访问系统。

Description (English)

aEnrich a+HRD is a holistic human resource development solution for aEnrich Corporation in China. aEnrich a+HRD has a security loophole, which stems from the misuse of identification, which may lead uncertified remote assailants to falsify their access to their badges and upgrade their access systems.

Hazard Level

Low

Vulnerability Type

其他

Affected Vendor

育碁

Published

2025-11-12

Last Modified

2026-02-24

References

https://www.twcert.org.tw/en/cp-139-10487-12a32-2.html https://www.twcert.org.tw/tw/cp-132-10486-a3459-1.html https://www.chtsecurity.com/news/b97e8337-6b0c-43e8-8e8c-187b7c0e13c2

Patch

https://www.aenrich.com.tw/products/mps.html