CVE-2025-9313 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An unauthenticated user can connect to a publicly accessible database using arbitrary credentials. The system grants full access to the database by leveraging a…
Critical CVSS: 9.3

CVE-2025-9313

An unauthenticated user can connect to a publicly accessible database using arbitrary credentials. The system grants full access to the database by leveraging a previously authenticated connection through a "mmBackup" application. This flaw allows attackers to bypass authentication mechanisms and gain unauthorized access to database with sensitive data.

This issue affects Asseco mMedica in versions before 11.9.5.
Vendor
-
Product
-
CWE
CWE-288
Yayın Tarihi
2025-10-28 12:15:42
Güncelleme
2025-10-30 15:05:32
Source Identifier
cvd@cert.pl
KEV Date Added
-

Kategoriler

CWE-288 CRITICAL 2025

Referanslar

https://cert.pl/en/posts/2025/10/CVE-2025-9313/ https://mmedica.asseco.pl/