CNNVD-202601-1844 Information
CNNVD ID
CNNVD-202601-1844
Related CVE
- CNNVD Published: 2026-01-12
Description (Chinese)
Viafirma Documents是西班牙Viafirma公司的一款电子签名管理平台。 Viafirma Documents 3.7.129版本存在安全漏洞,该漏洞源于授权机制存在缺陷,可能导致经过身份验证但无特权的用户列出和访问其他用户数据、使用用户创建、修改和删除功能,并在文档生成和签名中冒充其他用户以提升权限。
Description (English)
Viafirma Documents is an electronic signature management platform for the Spanish company Viafirma. Version 3.7.129 of Viafirma Documents contains a security loophole, which stems from deficiencies in the authorization mechanism, which may result in other user data being listed and accessed by an authentication, but not privileged user, using the user to create, modify and remove, and impersonating other users in document generation and signature to enhance privileges.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
Viafirma
Published
2026-01-12
Last Modified
2026-02-24
References
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-viafirma-products