【Vulnerability Alert】Allgenic Software | Timestamp Server (TSA) - Missing Authentication
publish date :
2025-09-16
update date :
2025-09-17
Source: Ministry of education information & communication security contingency platform
"" "" "" ""
| Publication Number | TACERT-ANA-2025090409095454 | Publication Time | 2025/09/04 09:40 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2025/09/04 09:40 |
| Impact Level | Low | ||
| [Subject] 【Vulnerability Alert】Allgenic Software | Timestamp Server (TSA) - Missing Authentication |
|||
| [Content] Forwarded from TWCERTCC-200-202509-00000002 【Allgenic Software | Timestamp Server (TSA) - Missing Authentication】(CVE-2025-8861, CVSS: 9.8) A Missing Authentication vulnerability exists in the Timestamp Server (TSA) developed by Allgenic Software, allowing unauthenticated remote attackers to use developer tools to read, modify, and delete database contents. Information Sharing Level: WHITE (Information content can be publicly disclosed) |
|||
| [Affected Platform] The Timestamp Server (TSA) is affected only if purchased before February 6, 2025. |
|||
| [Recommended Actions] Contact the vendor to confirm whether the patch has been applied. |
|||
| [Reference] https://www.twcert.org.tw/tw/cp-132-10360-012e7-1.html |
|||
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer:
Computer Center