VYPR
Unrated severityNVD Advisory· Published Feb 19, 2026· Updated Feb 20, 2026

Broken Access Control results in Denial of Service in NesterSoft WorkTime

CVE-2025-15563

Description

Any unauthenticated user can reset the WorkTime on-prem database configuration by sending a specific HTTP request to the WorkTime server. No authorization check is applied here.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.