CVE-2025-58156: CWE-285: Improper Authorization in nofusscomputing centurion_erp
Centurion ERP is an ERP with a focus on ITSM and automation. In versions starting from 1.12.0 to before 1.21.0, an authenticated user can view all authentication token details within the database. This includes the actual token, although only in hashed form; no un-hashed authentication token is viewable. This issue has been patched in version 1.21.0. A workaround for this is not deemed viable as it would involve disabling token authentication. Users are encouraged to remove any authentication token that was created by one of the affected versions of Centurion ERP. Webmasters can ensure this occurs by removing all authentication tokens from the database.
AI Analysis
Technical Summary
CVE-2025-58156 is an improper authorization flaw (CWE-285) in Centurion ERP, the ITSM- and automation-focused ERP developed by nofusscomputing. It affects versions from 1.12.0 up to but not including 1.21.0. In those releases any authenticated user, whatever their privilege level, can view every authentication token record in the database rather than only their own: the token listing is not scoped to the requesting user, which is a missing object-level authorization check. The records hold only the hashed token value; no plaintext token is exposed, so a hash by itself does not let an attacker authenticate. A leaked hash still matters because it can be attacked offline: if the token is short or predictable, or the hash is fast and unsalted, brute forcing can recover the original token and with it the owner's access. Long random tokens under a sound hash make that impractical, which is why the severity is rated low. The flaw does not affect integrity or availability. It is fixed in version 1.21.0; the only workaround, disabling token authentication, is not considered viable. Operators should upgrade and then delete every token created by an affected version, since any of those hashes may already have been read. No exploits in the wild are reported. The CVSS v3.1 base score is 1.9 (Low); the vector is AV:P (physical access, not local), AC:L, PR:L, UI:R, S:U, C:L, I:N, A:N, which is the only combination that yields 1.9 with those exploitability metrics. Note that the description itself requires only an authenticated account, so operators of network-reachable instances should treat every account holder as able to perform the read regardless of the AV:P rating.
Potential Impact
For European organizations running Centurion ERP 1.12.0 through 1.20.x, any authenticated account can read the hashed authentication tokens of every other account, including administrators and automation service accounts. A hash is not a usable credential on its own, so the direct impact is a confidentiality loss limited to the token table. The indirect risk is offline cracking: an attacker who exports the hashes can guess tokens at their own pace and will succeed against any token that is short, predictable or protected by a fast unsalted hash. A recovered token grants the owner's access, so a cracked administrator or automation token could become privilege escalation inside the ERP and, through its ITSM and automation integrations, a foothold for lateral movement. Because the flaw needs an authenticated account, exposes no plaintext tokens and touches neither integrity nor availability, the overall impact is low. Organizations should nevertheless treat the token table as compromised for the affected period, since nothing in a hash reveals whether it was already read. No exploitation in the wild has been reported, which lowers urgency but not the need to purge and reissue tokens.
Mitigation Recommendations
1. Upgrade Centurion ERP to version 1.21.0 or later. This is the only fix; the sole workaround, disabling token authentication, is not viable.
2. After upgrading, delete every authentication token created by an affected version (1.12.0 to 1.20.x) from the database and have users and integrations generate new ones. Assume all of the old hashes were read.
3. Token hashing strength is set by the vendor, not the operator. Compensate by keeping tokens long and random, short-lived where the deployment allows, and by requiring multi-factor authentication for interactive sessions so that a token is never the only credential.
4. Apply least privilege to all accounts, including the service accounts used for automation, so that a cracked token yields as little as possible.
5. Watch authentication logs for token-based requests after the purge. Any successful token authentication with a token issued before the upgrade means the purge was incomplete.
6. Include object-level authorization checks on list and detail endpoints (can user A see user B's records?) in regular audits and penetration tests of the ERP.
7. Remind users not to share tokens or credentials; credential theft, for example by phishing, gives an attacker the authenticated account this flaw requires.
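To make the analysis and the mitigation steps concrete, here is an added, self-contained Python model of hashed token storage. It is an illustration only, not Centurion ERP's code: the SHA-256 storage scheme, the `created_by_version` column, the 4-digit sample token and every function name are assumptions. It shows a token listing that ignores who is asking next to one scoped to the caller, an offline brute force that recovers a weak token from its leaked digest while a 160-bit random token leaves a 2^160 search space, and a purge of every token minted by an affected release that invalidates the recovered token.

```python
"""Toy model of hashed API-token storage: CWE-285 on the token list, offline
cracking of a leaked digest, and the purge-by-version mitigation.
Added illustration; not Centurion ERP code. All names are hypothetical."""
import hashlib
import hmac
import itertools
import math
import secrets
from dataclasses import dataclass, field

AFFECTED_LOW, FIXED_IN = "1.12.0", "1.21.0"   # version range from the advisory


def parse_version(v):
    return tuple(int(part) for part in v.split("."))


def is_affected_version(v):
    """True for 1.12.0 <= v < 1.21.0, the range named in the advisory."""
    return parse_version(AFFECTED_LOW) <= parse_version(v) < parse_version(FIXED_IN)


def token_digest(raw_token):
    # Assumed storage scheme: hex SHA-256 of the raw token; the raw value is never stored.
    return hashlib.sha256(raw_token.encode()).hexdigest()


@dataclass
class StoredToken:
    owner: str
    digest: str
    created_by_version: str   # hypothetical column: app version that minted the token


@dataclass
class TokenStore:
    rows: list = field(default_factory=list)

    def create(self, owner, raw_token, app_version):
        self.rows.append(StoredToken(owner, token_digest(raw_token), app_version))

    def list_tokens_vulnerable(self, actor):
        # CWE-285 as the advisory describes it: the listing ignores who is asking.
        return list(self.rows)

    def list_tokens_fixed(self, actor, actor_is_admin=False):
        # Object-level authorization: non-admins only ever see their own rows.
        return list(self.rows) if actor_is_admin else [r for r in self.rows if r.owner == actor]

    def authenticate(self, raw_token):
        digest = token_digest(raw_token)
        for r in self.rows:
            if hmac.compare_digest(r.digest, digest):   # constant-time compare
                return r.owner
        return None

    def purge_affected(self):
        """Mitigation from the advisory: drop every token minted by an affected version."""
        keep = [r for r in self.rows if not is_affected_version(r.created_by_version)]
        removed = len(self.rows) - len(keep)
        self.rows = keep
        return removed


def crack_digest(digest, alphabet, max_len):
    """Offline brute force over a leaked digest. Returns (token or None, guesses made)."""
    guesses = 0
    for n in range(1, max_len + 1):
        for cand in itertools.product(alphabet, repeat=n):
            guesses += 1
            if hmac.compare_digest(token_digest("".join(cand)), digest):
                return "".join(cand), guesses
    return None, guesses


def search_space_bits(alphabet_size, length):
    """Bits an attacker must exhaust for a uniformly random token of this shape."""
    return length * math.log2(alphabet_size)


def demo():
    store = TokenStore()
    store.create("alice", "4931", "1.15.0")                 # constructed weak token, affected release
    store.create("bob", secrets.token_hex(20), "1.21.0")    # 40 hex chars = 160 bits, fixed release
    leaked = store.list_tokens_vulnerable("mallory")        # ordinary user sees every row
    alice_digest = next(r.digest for r in leaked if r.owner == "alice")
    recovered, guesses = crack_digest(alice_digest, "0123456789", 4)
    return {
        "rows_seen_vulnerable": len(leaked),
        "rows_seen_fixed": len(store.list_tokens_fixed("mallory")),
        "recovered_weak_token": recovered,
        "guesses": guesses,
        "login_with_cracked_before_purge": store.authenticate(recovered),
        "strong_token_bits": search_space_bits(16, 40),
        "purged": store.purge_affected(),
        "login_with_cracked_after_purge": store.authenticate(recovered),
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

The brute force recovers the 4-digit token after a few thousand SHA-256 evaluations, which is why a leaked hash of a weak token is as good as the token; bob's 160-bit token would need on the order of 2^160 guesses, which is why the advisory's severity stays low as long as tokens are long and random. The purge removes alice's token because it was minted by a version inside the affected range, and the recovered value stops authenticating.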
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: GitHub_M
- Date Reserved: 2025-08-27T13:34:56.185Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 68b22005ad5a09ad007bb540
Added to database: 8/29/2025, 9:47:49 PM
Last enriched: 8/29/2025, 10:03:09 PM
Last updated: 8/29/2025, 10:03:09 PM
Related Threats
- CVE-2025-58159: CWE-434: Unrestricted Upload of File with Dangerous Type in LabRedesCefetRJ WeGIA (Critical)
- CVE-2025-57752: CWE-524: Use of Cache Containing Sensitive Information in vercel next.js (Medium)
- CVE-2025-55173: CWE-20: Improper Input Validation in vercel next.js (Medium)
- CVE-2025-9678: SQL Injection in Campcodes Online Loan Management System (Medium)
- CVE-2025-57822: CWE-918: Server-Side Request Forgery (SSRF) in vercel next.js (Medium)