CVE-2025-5192 | THREATINT

Description

A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions.

PUBLISHED Reserved 2025-05-26 | Published 2025-06-06 | Updated 2025-06-06 | Assigner ZUSO ART

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-306 Missing Authentication for Critical Function

Product status

Default status

affected

Any version

affected

References

zuso.ai/advisory/za-2025-04 third-party-advisory

cve.org (CVE-2025-5192)

nvd.nist.gov (CVE-2025-5192)

Download JSON