Home

Description

Incorrect Permission Assignment for Critical Resource, Exposure of Sensitive Information to an Unauthorized Actor, Missing Authorization, Incorrect Authorization vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Privilege Abuse, Authentication Bypass.This issue affects Aybs Interaktif: from 2024 through 28082025.

PUBLISHED Reserved 2025-08-12 | Published 2025-10-10 | Updated 2025-10-10 | Assigner TR-CERT




MEDIUM: 6.7CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Problem types

CWE-732 Incorrect Permission Assignment for Critical Resource

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CWE-862 Missing Authorization

CWE-863 Incorrect Authorization

Product status

Default status
unaffected

2024
affected

Credits

Can Nesimi ARI finder

References

www.usom.gov.tr/bildirim/tr-25-0329

cve.org (CVE-2025-8886)

nvd.nist.gov (CVE-2025-8886)

Download JSON