CVE-2025-5192

Summary

A missing authentication for critical function vulnerability in the client application of Soar Cloud HRD Human Resource Management System through version 7.3.2025.0408 allows remote attackers to bypass authentication and access application functions.

Affected Software

VendorProductVersion RangeStatus
Soar Cloud System CO., LTD.HRD Human Resource Management System0 <= 7.3.2025.0408affected

Weaknesses

  • CWE-306: CWE-306 Missing Authentication for Critical Function

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References