Bimser Solution Software Trade Inc. EBA Document CVE-2025-8532
MEDIUMSeverity by source
AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
Lifecycle Timeline
2DescriptionCVE.org
Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows Forceful Browsing.This issue affects eBA Document and Workflow Management System: from 6.7.164 before 6.7.166.
AnalysisAI
Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. Rated medium severity (CVSS 6.4). No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-285. Authorization Bypass Through User-Controlled Key, Improper Authorization vulnerability in Bimser Solution Software Trade Inc. EBA Document and Workflow Management System allows Forceful Browsing.7.164 before 6.7.166. Version information: before 6.7.166..
Affected ProductsAI
Bimser Solution Software Trade Inc. EBA Document and Workflow Management System.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
Same weakness CWE-285 – Improper Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today