PT-2025-43421 · Unknown · Command Centre Server

Published

2025-10-23

Updated

2025-10-23

CVE-2025-35981

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Command Centre Server versions 9.10.3194 (MR6), 9.20.2337 (MR3), and 9.30.1874 (MR1)

Description A flaw exists in Command Centre Server that could allow a privileged Operator to view limited personal data about a Cardholder that they would not normally have permissions to access. This is due to an exposure of private personal information to an unauthorized actor.

Recommendations Update Command Centre Server to a version later than 9.30.1874 (MR1). Update Command Centre Server to a version later than 9.20.2337 (MR3). Update Command Centre Server to a version later than 9.10.3194 (MR6).

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-359

Related Identifiers

CVE-2025-35981

Affected Products

Command Centre Server

PT-2025-43421 · Unknown · Command Centre Server

CVE-2025-35981

Weakness Enumeration

Related Identifiers

Affected Products

References · 5