CVE-2025-65900: n/a
Kalmia CMS version 0.2.0 contains an Incorrect Access Control vulnerability in the /kal-api/auth/users API endpoint. Due to insufficient permission validation and excessive data exposure in the backend, an authenticated user with basic read permissions can retrieve sensitive information for all platform users.
AI Analysis
Technical Summary
CVE-2025-65900 identifies a security vulnerability in Kalmia CMS version 0.2.0, specifically an Incorrect Access Control issue in the /kal-api/auth/users API endpoint. The vulnerability arises because the backend fails to properly validate permissions, allowing an authenticated user with only basic read privileges to access sensitive information about all users on the platform. This excessive data exposure violates the principle of least privilege and can lead to unauthorized disclosure of personal or sensitive user data. The vulnerability is classified under CWE-863 (Incorrect Authorization). The CVSS v3.1 base score is 6.5, indicating a medium severity, with the vector AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N, meaning it is remotely exploitable over the network, requires low attack complexity, requires privileges (authenticated user with read access), no user interaction, unchanged scope, high confidentiality impact, and no impact on integrity or availability. No patches or known exploits are currently available, but the vulnerability poses a significant risk to confidentiality. Organizations using this CMS version should be aware that attackers with basic authenticated access can harvest sensitive user data, potentially leading to privacy violations, compliance issues, and further targeted attacks.
Potential Impact
For European organizations, the primary impact is the unauthorized disclosure of sensitive user information, which can lead to privacy breaches and regulatory non-compliance, especially under GDPR. The exposure of user data can also facilitate social engineering, identity theft, or targeted phishing attacks. Although the vulnerability does not affect system integrity or availability, the confidentiality breach alone can damage organizational reputation and trust. Sectors such as government, healthcare, finance, and critical infrastructure that rely on Kalmia CMS or similar platforms are particularly vulnerable. The medium severity rating reflects that exploitation requires authenticated access, limiting the attack surface to insiders or compromised accounts. However, given the potential volume of exposed data, the impact on European entities handling personal data is significant.
Mitigation Recommendations
1. Immediately audit and restrict access permissions on the /kal-api/auth/users API endpoint to ensure only authorized roles can access sensitive user data.
2. Implement strict backend permission validation to enforce least privilege principles, ensuring users cannot access data beyond their authorization level.
3. Conduct a comprehensive review of all API endpoints for similar access control weaknesses.
4. Monitor logs for unusual or excessive access patterns to user data, which may indicate exploitation attempts.
5. If possible, upgrade or patch Kalmia CMS once a fix is released; until then, consider disabling or restricting the vulnerable API endpoint.
6. Educate users and administrators about the risk of credential compromise, as authenticated access is required for exploitation.
7. Employ network segmentation and multi-factor authentication to reduce the risk of unauthorized authenticated access.
8. Prepare incident response plans focused on data breach scenarios involving user information exposure.
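As an added illustration of recommendations 1 and 2 (example code written for this page, not Kalmia's source), the following Go handlers show a user-listing route in the shape the advisory describes, where being authenticated is treated as sufficient and the full record of every user is returned, beside a hardened version that checks the caller's role against the resource and returns only the fields a listing needs. The in-memory store, the X-Role header, the handler names and the assumed upstream authentication middleware are all assumptions.

```go
package main

import (
	"encoding/json"
	"fmt"
	"net/http"
	"net/http/httptest"
)

// Constructed sample store (assumption; not Kalmia's schema). An authentication
// middleware (not shown) is assumed to reject anonymous requests and to put the
// caller's role in an X-Role header, so the handlers below only do authorisation.
var users = []map[string]string{
	{"username": "alice", "email": "alice@example.org"},
	{"username": "bob", "email": "bob@example.org"},
}

// Vulnerable pattern (CWE-863 plus excessive data exposure): being logged in is
// treated as sufficient, and the raw record of every user is returned.
func listUsersVulnerable(w http.ResponseWriter, r *http.Request) {
	json.NewEncoder(w).Encode(users)
}

// Hardened: authorise the role for this resource, then return only what a listing needs.
func listUsersHardened(w http.ResponseWriter, r *http.Request) {
	if r.Header.Get("X-Role") != "admin" { // a basic reader is not authorised
		w.WriteHeader(http.StatusForbidden)
		return
	}
	names := make([]string, 0, len(users))
	for _, u := range users {
		names = append(names, u["username"]) // e-mail addresses never leave the backend
	}
	json.NewEncoder(w).Encode(map[string][]string{"usernames": names})
}

// probe drives a handler with an in-memory request; returns status and body.
func probe(h http.HandlerFunc, role string) (int, string) {
	req := httptest.NewRequest(http.MethodGet, "/kal-api/auth/users", nil)
	req.Header.Set("X-Role", role)
	rec := httptest.NewRecorder()
	h(rec, req)
	return rec.Code, rec.Body.String()
}

func main() {
	for _, h := range []http.HandlerFunc{listUsersVulnerable, listUsersHardened} {
		fmt.Println(probe(h, "reader")) // 200 with every e-mail, then 403 with no body
	}
}
```

The same role check belongs in a shared authorisation layer rather than in each handler, so that the review in recommendation 3 has a single place to inspect.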
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Poland, Belgium, Sweden, Austria
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2025-11-18T00:00:00.000Z
- CVSS Version: null
- State: PUBLISHED
Threat ID: 6931fbea0459f550ec00bb30
Added to database: 12/4/2025, 9:23:54 PM
Last enriched: 12/11/2025, 10:02:15 PM
Last updated: 1/19/2026, 7:55:44 AM