{“lastseen”:””,”description”:”Authorization Bypass Through User-Controlled Key, CWE – 862 – Missing Authorization, \u2013 Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows \u2013 Exploitation of Trusted Identifiers, \u2013 Exploitation of Authorization, \u2013 Variable Manipulation.This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.”,”published”:”2025-09-19T14:12:21.442Z”,”modified”:”2025-09-19T14:27:47.778Z”,”type”:”cve”,”title”:”IDOR in Bimser’s eBA Document and Workflow Management System”,”source”:”TR-CERT”,”references”:”https:\/\/www.usom.gov.tr\/bildirim\/tr-25-0280″,”id”:”CVE-2025-8532″,”bulletinFamily”:””,”cwe”:[“CWE-639″,”CWE-285″],”cvelist”:null,”sourceData”:”Bimser Solution Software Trade Inc. eBA Document and Workflow Management System 6.7.164″,”sourceHref”:””,”cvss”:{“score”:6.4,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:L\/AC:H\/PR:L\/UI:N\/S:C\/C:L\/I:H\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”eBA Document and Workflow Management System”,”version”:”6.7.164″,”vendor”:”Bimser Solution Software Trade Inc.”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”Authorization Bypass Through User-Controlled Key, CWE – 862 – Missing Authorization, \u2013 Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,46,12,21,13,7,11,5],"class_list":["post-18093","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-64","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n