【Vulnerability Alert】Jinzhun Information | Statistical Database System - Missing Authentication
publish date :
2025-09-19
update date :
2025-09-19
Source: Ministry of education information & communication security contingency platform
"" "" ""
| Publication Number | TACERT-ANA-2025091603094343 | Publication Time | 2025/09/16 15:19 |
| Incident Type | ANA-Vulnerability Alert | Discovery Time | 2025/09/16 15:19 |
| Impact Level | Low | ||
| [Subject] 【Vulnerability Alert】Jinzhun Information | Statistical Database System - Missing Authentication |
|||
| [Content] Forwarded from TWCERTCC-200-202509-00000011 【Jinzhun Information | Statistical Database System - Missing Authentication】(CVE-2025-10452, CVSS: 9.8) A Missing Authentication vulnerability exists in the Statistical Database System developed by Jinzhun Information. An unauthenticated remote attacker can directly read, modify, and delete database contents with high privileges. Information Sharing Level: WHITE (Information content can be publicly disclosed) |
|||
| [Affected Platform] Statistical Database System versions earlier than 1.0.1. |
|||
| [Recommended Actions] Update to version 1.0.1 or later. |
|||
|
[Reference] https://www.twcert.org.tw/tw/cp-132-10379-70d40-1.html |
|||
(This notification is for informational purposes only and does not constitute a cybersecurity incident).
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
If you have questions or suggestions regarding this notification, please feel free to contact us.
Ministry of education information & communication security contingency platform
Website: https://info.cert.tanet.edu.tw/
Phone: +886-7-5250211
Internet Phone: 98400000
E-Mail: service@cert.tanet.edu.tw
Organizer:
Computer Center