CVE-2025-15023
HIGHImproper Access Control in Yordam Informatics' Library Automation System
Title source: cnaDescription
Incorrect Authorization vulnerability in Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc. Library Automation System allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Library Automation System: from v.19.5 before v.22.1.
References (1)
Core 1
Core References
Government Resource government-resource
https://siberguvenlik.gov.tr/guvenlik-bildirimleri/detay/tr-26-0240
Scores
CVSS v3
8.8
EPSS
0.0022
EPSS Percentile
11.9%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-863
Status
published
Products (1)
Yordam Information Technology Consulting, Training and Electronic Systems Industry and Trade Inc./Library Automation System
v.19.5 - v.22.1
Published
May 14, 2026
Tracked Since
May 15, 2026