Can you explain this vulnerability to me?

CVE-2025-11672 is a Missing Authentication vulnerability in the Uniweb/SoliPACS WebServer developed by EBM Technologies. It allows unauthenticated remote attackers to access a specific web page that reveals user group names without requiring any privileges or user interaction. [1]

Useful 0 Not Useful 0

How can this vulnerability impact me? :

This vulnerability can impact you by allowing unauthorized remote attackers to obtain user group names from the web server. While it does not affect data integrity or availability, it causes a limited confidentiality impact by exposing sensitive information that could be used for further attacks or reconnaissance. [1]

Useful 0 Not Useful 0

How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by attempting to access the specific web pages on the Uniweb/SoliPACS WebServer that expose user group names without authentication. Since the vulnerability allows unauthenticated remote access to these pages, you can use tools like curl or wget to request these URLs and check if sensitive information is returned. For example, you might run commands such as: curl http://<target-server>/<vulnerable-page> or wget -qO- http://<target-server>/<vulnerable-page>. Replace <vulnerable-page> with the specific page known to expose user group names. If the page is accessible without authentication and returns user group information, the vulnerability is present. [1]

Useful 0 Not Useful 0

What immediate steps should I take to mitigate this vulnerability?

The immediate recommended mitigation is to update the Uniweb/SoliPACS WebServer to a version later than 12.1.2577, as versions 12.1.2577 and earlier are affected by this vulnerability. Applying this update will fix the missing authentication issue and prevent unauthenticated remote attackers from accessing sensitive user group information. [1]

Useful 0 Not Useful 0