CVE-2025-8532 | THREATINT

Description

Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows Forceful Browsing.This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.

PUBLISHED Reserved 2025-08-04 | Published 2025-09-19 | Updated 2025-09-30 | Assigner TR-CERT

MEDIUM: 6.4CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N

Problem types

CWE-639 Authorization Bypass Through User-Controlled Key

CWE-285 Improper Authorization

Product status

Default status

unaffected

6.7.164 (custom) before 6.7.166

affected

Credits

Aysun EYİZ finder

References

www.usom.gov.tr/bildirim/tr-25-0280

cve.org (CVE-2025-8532)

nvd.nist.gov (CVE-2025-8532)

Download JSON