PT-2025-35337 · Unknown · Corporate Training Management System
Published
2025-08-30
·
Updated
2026-01-30
·
CVE-2025-54943
CVSS v3.1
9.8
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
SUNNET Corporate Training Management System versions prior to 10.11
Description
The SUNNET Corporate Training Management System contains a missing authorization flaw. This allows remote attackers to deploy applications without proper authorization due to inadequate access control checks.
Recommendations
Update to a version newer than 10.11.
Fix
Missing Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Corporate Training Management System