SUNNET Corporate Training Management System Missing Authentication for Critical Function Vulnerability

Vulnerability

A vulnerability allowing remote access to deployment functionality without authentication has been identified in SUNNET Corporate Training Management System versions prior to 10.11. This issue arises from a missing authentication requirement for critical functions, enabling unauthorized users to exploit the vulnerability.

Impact

Exploitation of this vulnerability could lead to unauthorized access to critical deployment functions, potentially allowing attackers to manipulate or disrupt training management processes.

Added: Aug 30, 2025, 4:17 AM

Updated: Aug 30, 2025, 4:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SUNNET Corporate Training Management System Missing Authentication for Critical Function Vulnerability

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating