This vulnerability in Kaleris YMS v7.2.2.1 involves a flaw in the login mechanism that permits attackers to bypass authentication controls. The weakness corresponds to CWE-288 (Authentication Bypass Using an Alternate Path or Channel). The CVSS 3.1 base score of 9.8 reflects that the vulnerability is remotely exploitable without privileges or user interaction, and it results in complete compromise of confidentiality, integrity, and availability of the affected system. No patch or vendor advisory has been published yet, and the affected versions are not specifically enumerated beyond the mentioned version.

Successful exploitation allows an unauthenticated attacker to bypass login verification and access all resources within the Kaleris YMS application. This can lead to full compromise of sensitive data, unauthorized actions, and disruption of service. Given the critical CVSS score, the impact is severe across confidentiality, integrity, and availability.

Patch status is not yet confirmed — check the vendor advisory for current remediation guidance. Until an official fix is released, organizations should consider restricting access to the affected application through network controls or other compensating controls to reduce exposure. Monitor vendor communications closely for updates on patches or official mitigations.