CVE-2025-8532

Description

Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows Forceful Browsing. This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

High

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

Low

Integrity

High

Availability

None

Affected products

Bimser Solution Software Trade Inc. / eBA Document and Workflow Management System6.7.164 – 6.7.166

References

MISChttps://www.usom.gov.tr/bildirim/tr-25-0280
MISChttps://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-25-0280