Severity by source
AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Network-reachable panel exploitable by an authenticated low-privileged user (PR:L) with no UI; missing ACLs yield high integrity/availability impact and limited confidentiality exposure.
Primary rating from Vendor (TR-CERT).
CVSS VectorVendor: TR-CERT
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H
Lifecycle Timeline
1DescriptionCVE.org
Missing Authorization vulnerability in HAVELSAN Inc. Liman MYS allows Accessing Functionality Not Properly Constrained by ACLs.
This issue affects Liman MYS: before release.Master.1107.
AnalysisAI
Privilege escalation and unauthorized functionality access in HAVELSAN Liman MYS (Yönetim Sistemi) before release.Master.1107 allows an authenticated low-privileged user to invoke functions that should be gated by access-control lists. Because certain endpoints fail to enforce authorization (CWE-862), a limited user can reach administrative or restricted operations, enabling significant integrity and availability impact. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated session on Liman MYS at a low privilege level (CVSS PR:L) with network access to the web management interface (AV:N); no user interaction and no elevated privileges are needed beyond that initial foothold. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 3.1 vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:H (base 8.3, High) indicates network-reachable, low-complexity exploitation requiring only low privileges and no user interaction, with high integrity and availability impact but only low confidentiality impact - consistent with a broken-access-control flaw where an authenticated user pivots to privileged actions rather than reading bulk secrets. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who holds or obtains a standard low-privileged Liman MYS account (for example, a limited operator or a compromised staff login) sends crafted requests directly to administrative or restricted endpoints that the UI would normally hide. Because the server does not enforce authorization on those functions, the attacker performs privileged operations - altering configuration or disrupting managed services - achieving high integrity and availability impact without any user interaction. … |
| Remediation | Upgrade to Liman MYS release.Master.1107 or later, which is the vendor-fixed build per the TR-CERT advisory (https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0504). … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Inventory all HAVELSAN Liman MYS instances and document current versions; audit low-privilege user accounts and revoke unnecessary access to sensitive operations; establish detailed logging on all administrative function calls. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same weakness CWE-862 – Missing Authorization
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-42033
GHSA-6xf8-9p5r-2vcr