CVE-2025-48784 HIGH

CVE-2025-48784: Soar Cloud HRD Human Resource Management System - Missing Authorization

Vendor Soar Cloud System Co., Ltd.

Product HRD Human Resource Management System

Weakness CWE-862 · Missing authorization

Published June 6, 2025

Last update June 6, 2025

View on NVD All CVEs

CVSS base score

8.8/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

A missing authorization vulnerability in Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to modify system settings without prior authorization.

Key dates

02Disclosure timeline

June 6, 2025 CVE published

June 6, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-48784 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/862.html

Related vulnerabilities

Identifiers

CVE CVE-2025-48784

CWE CWE-862

CVSS 8.8 / HIGH

Affected versions