CNNVD-202512-3006 Information

CNNVD ID

CNNVD-202512-3006

Related CVE

CVE-2025-0836

• CNNVD Published: 2025-12-16

Description (Chinese)

Milestone Systems XProtect VMS是美国Milestone Systems公司的一个视频管理软件。 Milestone Systems XProtect VMS存在安全漏洞，该漏洞源于授权缺失，可能导致只读用户获得对MIP Webhooks API的完全读写访问。

Description (English)

Mileston Systems XProtec VMS is a video management software of the United States company Milestone Systems. There is a security loophole in Milestone Systems XProtec VMS, which stems from a lack of authorization and may lead to read-only users receiving full reading and writing access to MIP Webbooks API.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Milestone Systems

Published

2025-12-16

Last Modified

2026-02-24

References

https://supportcommunity.milestonesys.com/s/article/CVE-2025-0836-XProtect-MIP-API-broken-access-control?language=en_US https://supportcommunity.milestonesys.com/s/article/XProtect-VMS-cumulative-patches-complete-list?language=en_US

Patch

https://supportcommunity.milestonesys.com/s/article/XProtect-VMS-cumulative-patches-complete-list?language=en_US