IDOR in Usta Information Systems’ Aybs Interaktif_CVE-2025-8887

6.1 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N

Description

Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Forceful Browsing, Parameter Injection, Input Data Manipulation.This issue affects Aybs Interaktif: from 2024 through 28082025.

Basic Information

ID CVE-2025-8887

Source TR-CERT

Published Oct 10, 2025 at 13:56

Affected Product

Vendor Usta Information Systems Inc.

Product Aybs Interaktif

Version 2024

Affected Versions Usta Information Systems Inc. Aybs Interaktif 2024

CWE Classification

CWE-639 CWE-862 CWE-200

References

www.usom.gov.tr /bildirim/tr-25-0329

{
    "lastseen": "",
    "description": "Authorization Bypass Through User-Controlled Key, Missing Authorization, Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Usta Information Systems Inc. Aybs Interaktif allows Forceful Browsing, Parameter Injection, Input Data Manipulation.This issue affects Aybs Interaktif: from 2024 through 28082025.",
    "published": "2025-10-10T13:56:07.123Z",
    "modified": "2025-10-10T13:56:16.843Z",
    "type": "cve",
    "title": "IDOR in Usta Information Systems' Aybs Interaktif",
    "source": "TR-CERT",
    "references": "https://www.usom.gov.tr/bildirim/tr-25-0329",
    "id": "CVE-2025-8887",
    "bulletinFamily": "",
    "cwe": [
        "CWE-639",
        "CWE-862",
        "CWE-200"
    ],
    "cvelist": null,
    "sourceData": "Usta Information Systems Inc. Aybs Interaktif 2024",
    "sourceHref": "",
    "cvss": {
        "score": 6.1,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Aybs Interaktif",
    "version": "2024",
    "vendor": "Usta Information Systems Inc.",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}