CVE-2025-8532

Authorization Bypass Through User-Controlled Key, CWE - 862 - Missing Authorization,  Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows  Exploitation of Trusted Identifiers,  Exploitation of Authorization,  Variable Manipulation.This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.4 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
TR-CERTCNA
6.4 MEDIUM
LOCAL
HIGH
LOW
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://www.usom.gov.tr/bildirim/tr-25-0280