ZUSOART ID |
ZA-2025-04 |
CVE ID |
CVE-2025-5192 |
Vulnerability Type |
CWE-306: Missing Authentication for Critical Function |
CVSS 4.0 Base |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N(9.3) |
Description |
A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions. |
Vendor |
Soar Cloud System CO., LTD. |
Product |
Category |
Version affected |
HRD Human Resource Management System |
through 7.3.2025.0408 |
|
Product Support |
Contact Soar Cloud for version updates. |
Release date |
2025/06/06 |
Credit |
Yen Chun Shen (YC Shen) of ZUSO ART |