IDOR in Bimser’s eBA Document and Workflow Management System

6.4 / 10

MEDIUM

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N

Description

Authorization Bypass Through User-Controlled Key, CWE - 862 - Missing Authorization, – Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows – Exploitation of Trusted Identifiers, – Exploitation of Authorization, – Variable Manipulation.This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.

Basic Information

ID CVE-2025-8532

Source TR-CERT

Published Sep 19, 2025 at 14:12

Modified Sep 19, 2025 at 14:27

Affected Product

Vendor Bimser Solution Software Trade Inc.

Product eBA Document and Workflow Management System

Version 6.7.164

Affected Versions Bimser Solution Software Trade Inc. eBA Document and Workflow Management System 6.7.164

CWE Classification

CWE-639 CWE-285

References

www.usom.gov.tr /bildirim/tr-25-0280

{
    "lastseen": "",
    "description": "Authorization Bypass Through User-Controlled Key, CWE - 862 - Missing Authorization, \u2013 Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows \u2013 Exploitation of Trusted Identifiers, \u2013 Exploitation of Authorization, \u2013 Variable Manipulation.This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.",
    "published": "2025-09-19T14:12:21.442Z",
    "modified": "2025-09-19T14:27:47.778Z",
    "type": "cve",
    "title": "IDOR in Bimser's eBA Document and Workflow Management System",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-25-0280",
    "id": "CVE-2025-8532",
    "bulletinFamily": "",
    "cwe": [
        "CWE-639",
        "CWE-285"
    ],
    "cvelist": null,
    "sourceData": "Bimser Solution Software Trade Inc. eBA Document and Workflow Management System 6.7.164",
    "sourceHref": "",
    "cvss": {
        "score": 6.4,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "eBA Document and Workflow Management System",
    "version": "6.7.164",
    "vendor": "Bimser Solution Software Trade Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

IDOR in Bimser’s eBA Document and Workflow Management System_CVE-2025-8532