
docuFORM Managed Print Service Client EUVD-2025-209774 | CVE-2025-65415 (MEDIUM)
Session Fixation (CWE-384)
2026-05-11 | mitre | GHSA-m2fh-h99m-5gh4
CVSS 3.1 base score: 5.4

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: Low
Integrity: Low
Availability: None

Lifecycle Timeline

Analysis Generated: May 11, 2026 - 20:39 (vuln.today)
CVSS changed: May 11, 2026 - 20:37 (NVD): 5.4 (MEDIUM)
CVE Published: May 11, 2026 - 00:00 (nvd): MEDIUM 5.4
CVE Published: May 11, 2026 - 00:00 (nvd): UNKNOWN (no severity yet)

Description (NVD)

docuFORM Managed Print Service Client 11.11c is vulnerable to a session fixation attack via the login page of the application.

Analysis (AI)

Session fixation vulnerability in docuFORM Managed Print Service Client 11.11c allows unauthenticated remote attackers to hijack user sessions via the login page, enabling unauthorized access to application functions and potential disclosure of sensitive print job data. The vulnerability requires user interaction (clicking a malicious link) and affects confidentiality and integrity with a CVSS score of 5.4. No public exploit code or active exploitation has been confirmed at the time of analysis.

Technical Context (AI)

The vulnerability is a session fixation attack (CWE-384) at the application's authentication layer. Session fixation becomes possible when an application fails to invalidate the pre-authentication session and issue a fresh session identifier upon successful login. An attacker can pre-establish a known session ID, trick a user into authenticating under that ID, and then present the same ID to impersonate the authenticated user. In this case, the flaw exists in the login page of docuFORM's Managed Print Service Client, a print management application. The attack vector is network-based and requires no authentication or special privileges from the attacker, but it does require user interaction (UI:R): the victim must be socially engineered into opening a link or form that fixes the session identifier.

Remediation (AI)

Contact docuFORM support at docuform.de to determine whether a patched version of the Managed Print Service Client is available, as no specific patch version is confirmed in the available source data. If a patch has not been released, implement compensating controls immediately: enforce HTTPS-only communication for all login sessions to prevent session ID interception in transit; have the application (or a fronting proxy) set secure attributes on the session cookie (Secure, HttpOnly, SameSite=Strict) to limit an attacker's ability to inject or steal session tokens; educate users not to follow suspicious links that pre-establish session parameters and to log in by typing the application URL directly; and add server-side session validation that requires users to re-authenticate before accessing sensitive print job functions. Monitor for suspicious session activity, such as login attempts from multiple IP addresses using the same session ID. Once the vendor publishes an update, upgrade to the patched version immediately and regenerate all active sessions upon deployment.
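The mechanism described under Technical Context and the fix implied by the remediation advice (rotate the session identifier at login, set secure cookie attributes) can be shown side by side in a small login handler. The following is an added illustration written for this page, not docuFORM's code; the session table, the cookie name MPSSESSION, the handler names and the pre-set session value are all constructed assumptions. The hardened handler is the one a defender would want: it drops whatever ID the client presented and issues a fresh one on successful authentication.

```python
"""Session fixation (CWE-384): a handler that keeps the client-presented ID
versus one that rotates it on login.  Hypothetical toy server, not the
vendor's code."""
import secrets
from typing import Callable, Dict, Optional

# In-memory session table: session_id -> {"user": username or None}
SessionTable = Dict[str, Dict[str, Optional[str]]]


def login_vulnerable(sessions: SessionTable, presented_sid: str,
                     username: str, password_ok: bool) -> str:
    """Weak pattern: the ID the client presented (possibly pre-set through a
    crafted link) is kept as-is and merely marked as authenticated."""
    sess = sessions.setdefault(presented_sid, {"user": None})
    if password_ok:
        sess["user"] = username
    return presented_sid  # same cookie value before and after login


def login_hardened(sessions: SessionTable, presented_sid: str,
                   username: str, password_ok: bool) -> str:
    """Hardened pattern: on successful authentication, invalidate the
    pre-authentication session and issue a fresh, unpredictable ID."""
    if not password_ok:
        return presented_sid
    sessions.pop(presented_sid, None)        # old ID is no longer valid
    new_sid = secrets.token_urlsafe(32)      # 256 bits from the OS CSPRNG
    sessions[new_sid] = {"user": username}
    return new_sid


def session_cookie(sid: str) -> str:
    """Set-Cookie value carrying the attributes the remediation advice lists.
    The cookie name MPSSESSION is an assumption for this example."""
    return f"MPSSESSION={sid}; Secure; HttpOnly; SameSite=Strict; Path=/"


def fixation_succeeds(login: Callable[..., str]) -> bool:
    """Replay the scenario from the analysis against a login handler:
    a session ID is known before the victim authenticates; after the
    victim logs in with it, check whether that same ID is now an
    authenticated session.  True means the handler is vulnerable."""
    sessions: SessionTable = {}
    preset_sid = "preset-session-id-0001"     # constructed sample value
    # Victim's browser sends the pre-set ID together with valid credentials.
    login(sessions, preset_sid, "alice", password_ok=True)
    # Whoever holds the pre-set ID checks whether it is now authenticated.
    sess = sessions.get(preset_sid)
    return sess is not None and sess["user"] == "alice"


if __name__ == "__main__":
    print("vulnerable handler fixation succeeds:", fixation_succeeds(login_vulnerable))
    print("hardened handler fixation succeeds:  ", fixation_succeeds(login_hardened))
    print(session_cookie(secrets.token_urlsafe(32)))
```

The detection angle in the remediation advice follows from the same model: with the hardened handler, a session ID seen before login never appears as an authenticated session afterwards, so any authenticated request carrying a pre-login ID is itself a signal worth alerting on.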


EUVD-2025-209774 vulnerability details – vuln.today
