Primary

Context

e-Excellence U-Office Force Improper Authentication Vulnerability Allowing Administrator Login

Vulnerability

Patched

A vulnerability allowing improper authentication has been identified in e-Excellence U-Office Force versions prior to 28.0. This vulnerability enables unauthenticated remote attackers to manipulate cookies and use a specific API to log in as an administrator.

Impact

Exploitation of this vulnerability allows for unauthorized access to the administrative account, potentially leading to further actions within the application that require administrative privileges.

Remediation

Users are advised to update to U-Office Force version 28.0 or later.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

e-Excellence U-Office Force Improper Authentication Vulnerability Allowing Administrator Login

Vulnerability

Impact

Remediation

Affected Products

e-Excellence U-Office Force

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating