In Tgstation tgstation-server 3.2.4.0 through 3.2.1.0 (fixed in 3.2.5.0), active logins would be cached, allowing subsequent logins to succeed with any username or password.
CVSS Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HTgstation13 Tgstation Server
APPTgstation133.2.1.0 – 3.2.5.0 (bez)
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Related vulnerabilities
CVE-2025-21611HIGH8.8ten sam produkt
tgstation-server is a production scale tool for BYOND server management. Prior to 6.12.3, roles used to author...
CVE-2024-41799HIGH8.4ten sam produkt
tgstation-server is a production scale tool for BYOND server management. Prior to 6.8.0, low permission users ...
CVE-2023-32687HIGH7.7ten sam produkt
tgstation-server is a toolset to manage production BYOND servers. Starting in version 4.7.0 and prior to 5.12....
CVE-2020-16136HIGH7.7ten sam produkt
In tgstation-server 4.4.0 and 4.4.1, an authenticated user with permission to download logs can download any f...
CVE-2023-34243MEDIUM5.8ten sam produkt
TGstation is a toolset to manage production BYOND servers. In affected versions if a Windows user was register...