CVE-2025-59786

Medium CVSS: 6.0

2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in web application.

Vendor

Product

Access Commander

CWE

CWE-613

Yayın Tarihi

2026-03-04 16:16:25

Güncelleme

2026-03-05 14:30:45

Source Identifier

be69f613-e5f6-419b-800c-30351aa8933c

KEV Date Added

Kategoriler

CWE-613 Access Commander MEDIUM 2n 2026

Referanslar

https://www.2n.com/en-GB/download/cve_2025_59786_acom_3_5_v1pdf

Benzer Kayıtlar

Medium

CVE-2025-59784

2N Access Commander version 3.4.1 and prior is vulnerable to log pollution. Certain parameters sent over API may be incl…

Medium

CVE-2025-59785

Improper validation of API end-point in 2N Access Commander version 3.4.2 and prior allows attacker to bypass password p…

Medium

CVE-2025-59787

2N Access Commander application version 3.4.2 and prior returns HTTP 500 Internal Server Error responses when receiving…

High

CVE-2025-59783

API endpoint for user synchronization in 2N Access Commander version 3.4.1 did not have a sufficient input validation al…