CVE-2025-59101

Name of the Vulnerable Software and Affected Versions Access Manager (affected versions not specified)

Description The system authenticates users based on their IP address rather than using standard session tokens or cookies. Once an IP address successfully logs in, it is considered authenticated for subsequent requests. This design allows for potential unauthorized access by spoofing the IP address of a logged-in user to the Access Manager web interface.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.