CVE-2025-40624

SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier ‘User’ and “email” parameters of the ‘updatePassword’ endpoint.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcmans-gim	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:tcman:gim:11.0:*:*:*:*:*:*:*

History

13 May 2025, 19:08

Type	Values Removed	Values Added
References	~~() https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcmans-gim -~~	() https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcmans-gim - Third Party Advisory
CPE		cpe:2.3:a:tcman:gim:11.0:::::::*
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
First Time		Tcman gim Tcman

07 May 2025, 14:13

Type	Values Removed	Values Added
Summary		(es) Inyección SQL en GIM v11 de TCMAN. Esta vulnerabilidad permite a un atacante no autenticado inyectar una sentencia SQL para obtener, actualizar y eliminar toda la información de la base de datos. Esta vulnerabilidad se detectó en cada uno de los siguientes parámetros, según el identificador de vulnerabilidad "User" y los parámetros "email" del endpoint "updatePassword".

06 May 2025, 11:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-05-06 11:15

Updated : 2025-05-13 19:08

NVD link : CVE-2025-40624

Mitre link : CVE-2025-40624

CVE.ORG link : CVE-2025-40624

JSON object : View

Products Affected

tcman

gim

CWE

CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

{"id": "CVE-2025-40624", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "cve-coordination@incibe.es", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 9.3, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-05-06T11:15:52.190", "references": [{"url": "https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-tcmans-gim", "tags": ["Third Party Advisory"], "source": "cve-coordination@incibe.es"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "cve-coordination@incibe.es", "description": [{"lang": "en", "value": "CWE-89"}]}], "descriptions": [{"lang": "en", "value": "SQL injection in TCMAN's GIM v11. This vulnerability allows an unauthenticated attacker to inject an SQL statement to obtain, update and delete all information in the database. This vulnerability was found in each of the following parameters according to the vulnerability identifier\u00a0\u2018User\u2019 and \u201cemail\u201d parameters of the \u2018updatePassword\u2019 endpoint."}, {"lang": "es", "value": "Inyecci\u00f3n SQL en GIM v11 de TCMAN. Esta vulnerabilidad permite a un atacante no autenticado inyectar una sentencia SQL para obtener, actualizar y eliminar toda la informaci\u00f3n de la base de datos. Esta vulnerabilidad se detect\u00f3 en cada uno de los siguientes par\u00e1metros, seg\u00fan el identificador de vulnerabilidad \"User\" y los par\u00e1metros \"email\" del endpoint \"updatePassword\"."}], "lastModified": "2025-05-13T19:08:29.810", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:tcman:gim:11.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D6B3BFF6-FD8C-4E8F-8D81-96D988E03C9F"}], "operator": "OR"}]}], "sourceIdentifier": "cve-coordination@incibe.es"}