Posted Date: 2025/09/04
[Vulnerability Alert] All-in-One Software | Timestamp Server (TSA) - Missing Authentication
- Subject: [Vulnerability Alert] All-in-One Software | Timestamp Server (TSA) - Missing Authentication
- Content:
- Forwarded from Taiwan Computer Emergency Response Team/Coordination Center TWCERTCC-200-202509-00000002
- [All-in-One Software | Timestamp Server (TSA) - Missing Authentication] (CVE-2025-8861, CVSS: 9.8) A Missing Authentication vulnerability exists in the Timestamp Server (TSA) developed by All-in-One Software, allowing an unauthenticated remote attacker to use developer tools to read, modify, and delete database content.
- Affected Platforms:
- Timestamp Server (TSA), only affected if purchased before 2025/2/6
- Recommended Measures:
- Contact the vendor to confirm if the patch has been completed.
- References:
Computer and Communications Center
Network Systems Group
