Description
The CGM CLININET application uses direct, sequential object identifiers (the "MessageID" parameter) without proper authorization checks. By modifying this parameter in a GET request, an attacker can access messages and attachments belonging to other users.
References (2)
third-party-advisory (Various Sources): https://cert.pl/en/posts/2026/03/CVE-2025-10350/
product (Various Sources): https://www.cgm.com/pol_pl/products/szpital/cgm-clininet.html
Scores
CVSS v3: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
EPSS: 0.0004 (EPSS Percentile: 12.1%)
Attack Vector: NETWORK
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-639 (Authorization Bypass Through User-Controlled Key)
Status: published
Products (1)
cgm/clininet: versions < 2025.ms4
Published: Mar 02, 2026
Tracked Since: Mar 02, 2026