CVE-2025-8532

Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows Forceful Browsing.This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.

CVSS v3 6.4 MEDIUM

6.4^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 1.1 / Impact : 4.7

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact HIGH

Availability Impact NONE

Scope CHANGED

References

Link	Resource
https://www.usom.gov.tr/bildirim/tr-25-0280

Configurations

No configuration.

History

30 Sep 2025, 14:15

Type	Values Removed	Values Added
Summary	(en) Authorization Bypass Through User-Controlled Key, CWE - 862 - Missing Authorization, – Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows – Exploitation of Trusted Identifiers, – Exploitation of Authorization, – Variable Manipulation.This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.	(en) Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows Forceful Browsing.This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.

19 Sep 2025, 15:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-09-19 15:15

Updated : 2025-09-30 14:15

NVD link : CVE-2025-8532

Mitre link : CVE-2025-8532

CVE.ORG link : CVE-2025-8532

JSON object : View

Products Affected

No product.

CWE

CWE-285

Improper Authorization

CWE-639

Authorization Bypass Through User-Controlled Key

6.4 /10