Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attacker to determine whether a user exists on the system by using the 'pda:userId' and 'pda:newPassword' parameters with 'soapaction UnlockUser’ in '/WS/PDAWebService.asmx'.
CVE-2025-41012: Unauthorized access vulnerability in TCMAN GIM v11 version 20250304. This vulnerability allows an unauthenticated attac…
Unauthorized access vulnerability in TCMAN GIM v11 allows attackers to check user existence via 'pda:userId' and 'pda:newPassword' parameters (CVE-2025-41012).