Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-67282

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-09 Jan, 2026 | 00:00
Updated At-09 Jan, 2026 | 16:10
Rejected At-
Credits

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download password hashes of other user, access work items of other user, modify restricted content in workflows, modify the applications logo and manipulate the profile of other user.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:09 Jan, 2026 | 00:00
Updated At:09 Jan, 2026 | 16:10
Rejected At:
â–¼CVE Numbering Authority (CNA)

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download password hashes of other user, access work items of other user, modify restricted content in workflows, modify the applications logo and manipulate the profile of other user.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://tim-doc.atlassian.net/wiki/spaces/eng/pages/230981636/Release+Notes
N/A
https://www.y-security.de/news-en/tim-bpm-suite-tim-flow-multiple-vulnerabilities/
N/A
Hyperlink: https://tim-doc.atlassian.net/wiki/spaces/eng/pages/230981636/Release+Notes
Resource: N/A
Hyperlink: https://www.y-security.de/news-en/tim-bpm-suite-tim-flow-multiple-vulnerabilities/
Resource: N/A
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-288CWE-288 Authentication Bypass Using an Alternate Path or Channel
Type: CWE
CWE ID: CWE-288
Description: CWE-288 Authentication Bypass Using an Alternate Path or Channel
Metrics
VersionBase scoreBase severityVector
3.15.4MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Version: 3.1
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:09 Jan, 2026 | 16:16
Updated At:22 Jan, 2026 | 21:32

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Authorization Bypass vulnerabilities exists which allow a low privileged user to download password hashes of other user, access work items of other user, modify restricted content in workflows, modify the applications logo and manipulate the profile of other user.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.4MEDIUM
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
Type: Secondary
Version: 3.1
Base score: 5.4
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
CPE Matches
tim-solutions
tim-solutions
>>tim_flow>>Versions before 9.1.2(exclusive)
cpe:2.3:a:tim-solutions:tim_flow:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-288Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-288
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://tim-doc.atlassian.net/wiki/spaces/eng/pages/230981636/Release+Notescve@mitre.org
Release Notes
https://www.y-security.de/news-en/tim-bpm-suite-tim-flow-multiple-vulnerabilities/cve@mitre.org
Third Party Advisory
Hyperlink: https://tim-doc.atlassian.net/wiki/spaces/eng/pages/230981636/Release+Notes
Source: cve@mitre.org
Resource:
Release Notes
Hyperlink: https://www.y-security.de/news-en/tim-bpm-suite-tim-flow-multiple-vulnerabilities/
Source: cve@mitre.org
Resource:
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

6Records found
CVE-2025-67280
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.02% / 3.56%
||
7 Day CHG~0.00%
Published-09 Jan, 2026 | 00:00
Updated-22 Jan, 2026 | 21:33
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple Hibernate Query Language injection vulnerabilities exist which allow a low privileged user to extract passwords of other users and access sensitive data of another user.

Action-Not Available
Vendor-tim-solutionsn/a
Product-tim_flown/a
CWE ID-CWE-564
SQL Injection: Hibernate
CVE-2025-67281
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.4||MEDIUM
EPSS-0.01% / 1.96%
||
7 Day CHG~0.00%
Published-09 Jan, 2026 | 00:00
Updated-22 Jan, 2026 | 21:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In TIM BPM Suite/ TIM FLOW through 9.1.2 multiple SQL injection vulnerabilities exists which allow a low privileged and administrative user to access the database and its content.

Action-Not Available
Vendor-tim-solutionsn/a
Product-tim_flown/a
CWE ID-CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVE-2025-12760
Matching Score-4
Assigner-Drupal.org
ShareView Details
Matching Score-4
Assigner-Drupal.org
CVSS Score-5.4||MEDIUM
EPSS-0.05% / 14.35%
||
7 Day CHG~0.00%
Published-18 Nov, 2025 | 16:55
Updated-08 Dec, 2025 | 14:35
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Email TFA - Moderately critical - Access bypass - SA-CONTRIB-2025-115

Authentication Bypass Using an Alternate Path or Channel vulnerability in Drupal Email TFA allows Functionality Bypass.This issue affects Email TFA: from 0.0.0 before 2.0.6.

Action-Not Available
Vendor-email_tfa_projectThe Drupal Association
Product-email_tfaEmail TFA
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CVE-2022-36249
Matching Score-4
Assigner-Shop Beat Solutions (Pty) LTD
ShareView Details
Matching Score-4
Assigner-Shop Beat Solutions (Pty) LTD
CVSS Score-5.4||MEDIUM
EPSS-0.04% / 12.60%
||
7 Day CHG~0.00%
Published-30 May, 2023 | 00:00
Updated-13 Jan, 2025 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Shop Beat Services Vulnerable To Bypass 2FA via APIs

Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Bypass 2FA via APIs. For Controlpanel Lite. "After login we are directly able to use the bearer token or jsession ID to access the apis instead of entering the 2FA code. Thus, leading to bypass of 2FA on API level.

Action-Not Available
Vendor-shopbeatShop Beat
Product-shop_beat_media_playerstudio
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-306
Missing Authentication for Critical Function
CVE-2024-52586
Matching Score-4
Assigner-GitHub, Inc.
ShareView Details
Matching Score-4
Assigner-GitHub, Inc.
CVSS Score-5.4||MEDIUM
EPSS-0.06% / 18.63%
||
7 Day CHG~0.00%
Published-09 Dec, 2024 | 18:38
Updated-15 Aug, 2025 | 18:43
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
eLabFTW MFA bypass

eLabFTW is an open source electronic lab notebook for research labs. A vulnerability has been found starting in version 4.6.0 and prior to version 5.1.0 that allows an attacker to bypass eLabFTW's built-in multifactor authentication mechanism. An attacker who can authenticate locally (by knowing or guessing the password of a user) can thus log in regardless of MFA requirements. This does not affect MFA that are performed by single sign-on services. Users are advised to upgrade to at least version 5.1.9 to receive a fix.

Action-Not Available
Vendor-elabftwelabftw
Product-elabftwelabftw
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
CWE ID-CWE-303
Incorrect Implementation of Authentication Algorithm
CVE-2026-22341
Matching Score-4
Assigner-Patchstack
ShareView Details
Matching Score-4
Assigner-Patchstack
CVSS Score-6.7||MEDIUM
EPSS-0.09% / 25.64%
||
7 Day CHG~0.00%
Published-20 Feb, 2026 | 15:46
Updated-28 Apr, 2026 | 16:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Booked plugin <= 3.0.0 - Account Takeover vulnerability

Authentication Bypass Using an Alternate Path or Channel vulnerability in Case-Themes Booked booked allows Authentication Abuse.This issue affects Booked: from n/a through <= 3.0.0.

Action-Not Available
Vendor-Case-Themes
Product-Booked
CWE ID-CWE-288
Authentication Bypass Using an Alternate Path or Channel
Details not found