CVE-2025-65415
Received Received - Intake
Session Fixation in docuFORM Managed Print Service Client

Publication date: 2026-05-11

Last updated on: 2026-05-11

Assigner: MITRE

Description
docuFORM Managed Print Service Client 11.11c is vulnerable to a session fixation attack via the login page of the application.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-11
Last Modified
2026-05-11
Generated
2026-06-21
AI Q&A
2026-05-11
EPSS Evaluated
2026-06-19
NVD
CVE-2025-65415
EUVD
EUVD-2025-209774
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
docuform managed_print_service_client to 11.11c (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-384 Authenticating a user, or otherwise establishing a new user session, without invalidating any existing session identifier gives an attacker the opportunity to steal authenticated sessions.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Mitigation Strategies

The immediate mitigation step is to apply the vendor's fix released in November 2025, which addresses the session fixation vulnerability by ensuring a new session ID is generated after successful authentication.

If patching is not immediately possible, consider implementing additional security controls such as enforcing HTTPS to protect session cookies, using secure and HttpOnly flags on cookies, and monitoring for suspicious session activity.

Additionally, educating users to avoid clicking on suspicious links that might preset session IDs can help reduce risk.

Compliance Impact

The vulnerability allows an attacker to hijack authenticated sessions by exploiting session fixation, which can lead to unauthorized access to sensitive information.

Such unauthorized access could potentially result in non-compliance with standards and regulations like GDPR and HIPAA, which require protection of personal and sensitive data against unauthorized access.

However, the provided information does not explicitly state the impact on compliance with these regulations.

Executive Summary

The vulnerability in docuFORM Managed Print Service Client version 11.11c is a session fixation attack. This occurs because the application fails to generate a new session identifier after a user successfully logs in.

An attacker can exploit this by presetting a session ID and tricking a victim into authenticating with that session ID, allowing the attacker to hijack the victim's authenticated session.

Impact Analysis

This vulnerability can allow an attacker to hijack a user's authenticated session, potentially gaining unauthorized access to the user's account and any sensitive information or functionality available within that session.

Such unauthorized access can lead to data breaches, unauthorized actions performed on behalf of the user, and compromise of system integrity.

Detection Guidance

This vulnerability can be detected by monitoring session management behavior on the login page of the docuFORM Managed Print Service Client 11.11c application.

Specifically, you should check if the application generates a new session identifier after successful authentication. If the session ID remains the same before and after login, it indicates susceptibility to session fixation.

To detect this, you can use tools like curl or browser developer tools to capture and compare session cookies before and after login.

  • Use curl to capture cookies before login: curl -c cookies.txt http://<target>/login
  • Perform login and capture cookies after authentication: curl -b cookies.txt -c cookies_after.txt -d 'username=USER&password=PASS' http://<target>/login
  • Compare session IDs in cookies.txt and cookies_after.txt to see if they differ.
Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-65415. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart