← voltar
CVE-2025-58406

Lack of HTTP Response Headers

CVSS 5.3 MEDIUMEPSS 0.2%CWE-693
The CGM CLININET application respond without essential security HTTP headers, exposing users to client‑side attacks such as clickjacking, MIME sniffing, unsafe caching, weak cross‑origin isolation, and missing transport security controls.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Produtos afetados
CGM · CGM CLININET

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://cert.pl/en/posts/2026/03/CVE-2025-10350/https://www.cgm.com/pol_pl/products/szpital/cgm-clininet.html