CVE-2025-48784 | THREATINT

Description

A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization.

PUBLISHED Reserved 2025-05-26 | Published 2025-06-06 | Updated 2025-06-06 | Assigner ZUSO ART

HIGH: 8.8CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-862 Missing Authorization

Product status

Default status

affected

Any version

affected

References

zuso.ai/advisory/za-2025-09 third-party-advisory

cve.org (CVE-2025-48784)

nvd.nist.gov (CVE-2025-48784)

Download JSON