CVE-2025-13003

Description

Authorization Bypass Through User-Controlled Key vulnerability in Aksis Computer Services and Consulting Inc. AxOnboard allows Exploitation of Trusted Identifiers. This issue affects AxOnboard: from 3.2.0 before 3.3.0.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

Low

Integrity

High

Availability

Low

Affected products

Aksis Computer Services and Consulting Inc. / AxOnboard3.2.0 – 3.3.0

References

MISChttps://www.usom.gov.tr/bildirim/tr-25-0446
MISChttps://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0446