CVE-2026-8216
Improper Authentication in IAS Canias ERP 8.03 via Java RMI
Publication date: 2026-05-10
Last updated on: 2026-05-10
Assigner: VulDB
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| industrial_application_software | canias_erp | 8.03 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-287 | When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Industrial Application Software IAS Canias ERP version 8.03, specifically in the function iasServerRemoteInterface.doAction within the Java RMI Session Management component. It allows an attacker to manipulate the system in a way that leads to improper authentication. The attack can be performed remotely, meaning an attacker does not need physical access to exploit this issue.
How can this vulnerability impact me? :
The vulnerability can impact you by allowing unauthorized remote attackers to bypass authentication controls. This could lead to unauthorized access to the affected system, potentially compromising confidentiality, integrity, and availability of data and services within the IAS Canias ERP environment.