CVE-2025-59786

Summary

2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in web application.

Affected Software

VendorProductVersion RangeStatus
2N Telekomunikace a.s.2N Access Commander0 < 3.5affected

Weaknesses

  • CWE-613: CWE-613 Insufficient Session Expiration

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References