CNNVD-202512-3217 Information

CNNVD ID

CNNVD-202512-3217

Related CVE

CVE-2025-67787

• CNNVD Published: 2025-12-17

Description (Chinese)

DriveLock Operations Center是德国DriveLock公司的一款集中式管理控制台。 DriveLock Operations Center 25.1.5之前版本存在安全漏洞，该漏洞源于存在跨站脚本问题，可能导致通过网络进行会话接管。

Description (English)

DriveLock Operations Center is a centralized management console of the German company DriveLock. There was a security loophole in pre-DriveLock Operations Center 25.1.5, which stemmed from the problem of cross-site scripts, which could lead to a web-based session.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

DriveLock

Published

2025-12-17

Last Modified

2026-02-24

References

https://drivelock.help/versions/current/web/en/releasenotes/Content/ReleaseNotes_DriveLock/SecurityBulletins/25-002-CrossSiteScripting.htm

Patch

https://drivelock.help/versions/2025_2/web/en/releasenotes/Content/ReleaseNotes_DriveLock/NewRelease/DL_RelNotes.htm