CVE-2026-31150
Status: Received - Intake
Improper Access Control in Kaleris YMS Allows Data Exposure

Publication date: 2026-04-06

Last updated on: 2026-04-10

Assigner: MITRE

Description
Incorrect access control in Kaleris YMS v7.2.2.1 allows authenticated attackers with only the shipping/receiving role to view the truck's dashboard resources.
Meta Information
Published: 2026-04-06
Last Modified: 2026-04-10
Generated: 2026-06-16
AI Q&A: 2026-04-06
EPSS Evaluated: 2026-06-15
References: NVD, EUVD
Affected Vendors & Products
1 associated CPE
Vendor: kaleris
Product: yard_management_solutions
Version / Range: 7.2.2.1
CWE
CWE-639: The system's authorization functionality does not prevent one user from gaining access to another user's data or record by modifying the key value identifying the data.
CWE-284: The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Compliance Impact

The vulnerability in Kaleris YMS v7.2.2.1 allows authenticated users with the shipping/receiving role to access truck dashboard resources that should be restricted to drivers. This broken access control issue could lead to unauthorized disclosure of potentially sensitive operational data.

Such unauthorized access may impact compliance with standards and regulations that require strict access controls and data confidentiality, such as GDPR or HIPAA, if the accessed data includes personal or protected information. However, the provided information does not specify the nature of the data exposed or whether it includes personal or protected health information.

Therefore, while the vulnerability represents a failure in enforcing role-based access control, the direct effect on compliance with GDPR, HIPAA, or similar regulations cannot be conclusively determined from the available information.

Mitigation Strategies

To mitigate the broken access control vulnerability in Kaleris YMS v7.2.2.1, immediately restrict or monitor the use of shipping/receiving role accounts to prevent unauthorized access to the truck dashboard resources.

Ensure that users with the shipping/receiving role do not have access to the internal truck display URL (https://<your-domain>/truck) by implementing stricter role-based access controls or temporarily disabling access to this endpoint for those roles.

Consider monitoring web traffic for suspicious access patterns, such as shipping/receiving users accessing truck dashboard URLs, and revoke or limit session tokens (_session_id) if misuse is detected.

Contact Kaleris support or check for patches or updates that address this access control issue.
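The following is an added example and not Kaleris YMS code: it contrasts the weak "any valid session may proceed" check that CWE-284/CWE-639 describe with a deny-by-default, role-aware route check of the kind the mitigation above calls for. The "/truck" path and the _session_id cookie come from the advisory; the role names "driver" and "shipping_receiving", the "/shipping" path, the Session object and the ROUTE_POLICY table are assumptions made for the example.

```python
# Added example (not Kaleris YMS code). Assumed: role names "driver" and
# "shipping_receiving", a Session object carrying the role, and a "/shipping"
# area; "/truck" and the _session_id cookie are taken from the advisory.
from dataclasses import dataclass
from typing import Optional
from urllib.parse import urlsplit


@dataclass(frozen=True)
class Session:
    session_id: str   # value of the _session_id cookie
    user: str
    role: str


# Path prefix -> roles allowed to reach it. The longest matching prefix wins,
# "/" matches only the home page itself, and an unlisted path is denied for
# every role (deny by default).
ROUTE_POLICY = {
    "/truck": {"driver"},                     # driver's live truck display
    "/shipping": {"shipping_receiving"},      # assumed shipping/receiving area
    "/": {"driver", "shipping_receiving"},    # general home page
}


def authenticated_only(session: Optional[Session], path: str) -> bool:
    """The weak pattern the advisory describes: a valid session is the only
    thing checked, so any logged-in role can open /truck in a new tab."""
    return session is not None


def authorize(session: Optional[Session], path: str) -> bool:
    """Hardened check: no session -> deny; otherwise the session's role must
    be in the allowed set of the longest policy prefix matching the path."""
    if session is None:
        return False
    # Drop the query string (reader_id, screen_type) and a trailing slash.
    clean = urlsplit(path).path.rstrip("/") or "/"
    for prefix in sorted(ROUTE_POLICY, key=len, reverse=True):
        exact = clean == prefix
        nested = prefix != "/" and clean.startswith(prefix + "/")
        if exact or nested:
            return session.role in ROUTE_POLICY[prefix]
    return False   # nothing matched: deny by default


def handle_request(session: Optional[Session], path: str) -> int:
    """Map the decision to an HTTP status the way a middleware would:
    401 without a session, 403 for a role that is not entitled, else 200."""
    if session is None:
        return 401
    return 200 if authorize(session, path) else 403


if __name__ == "__main__":
    driver = Session("a1b2", "d.jones", "driver")
    shipping = Session("c3d4", "s.smith", "shipping_receiving")
    url = "/truck?reader_id=12&screen_type=live"
    print("weak check, shipping -> /truck :", authenticated_only(shipping, url))
    print("fixed check, shipping -> /truck:", handle_request(shipping, url))
    print("fixed check, driver -> /truck  :", handle_request(driver, url))
```

The policy is keyed on the path only, so the reader_id and screen_type parameters cannot widen access, and a role the policy has never heard of (or a path it does not list) is refused rather than silently allowed.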

Executive Summary

CVE-2026-31150 is a broken access control vulnerability in Kaleris YMS version 7.2.2.1. It allows an authenticated user with only the shipping/receiving role to access resources that should be restricted to the driver's truck dashboard.

Specifically, a user logged in with shipping/receiving credentials can open a new browser tab and navigate to the internal truck display URL, thereby gaining unauthorized access to the truck dashboard. This happens because the system does not properly enforce role-based access controls between the shipping/receiving and driver roles.

Impact Analysis

This vulnerability can lead to unauthorized access to sensitive truck dashboard resources by users who should not have such permissions. An attacker with shipping/receiving role credentials can view information intended only for drivers, potentially exposing operational details or sensitive data.

Such unauthorized access could disrupt normal operations, lead to data leakage, or be leveraged for further attacks within the system.

Detection Guidance

This vulnerability can be detected by verifying whether a user with the shipping/receiving role can access the truck dashboard resources, which should be restricted. Specifically, after logging in with shipping/receiving credentials at the general home URL, an attempt can be made to access the truck dashboard URL.

A practical detection method involves using a curl command to send a GET request to the truck live display endpoint with parameters such as reader_id and screen_type, while including the session cookie (_session_id) of the shipping/receiving user. If the request succeeds and returns truck dashboard data, the vulnerability is present.

  • curl -X GET "https://<your-domain>/truck?reader_id=<id>&screen_type=<type>" -H "Cookie: _session_id=<shipping_receiving_user_session>"
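Beyond the single request above, a defender will want to review what has already happened. The following is an added example, not Kaleris YMS code: it walks application access logs, joins each request's _session_id to a snapshot of the session store, and flags requests to the /truck display made by sessions that do not hold the driver role, separating served responses (confirmed exposure) from blocked ones (attempts). The log lines, the session-store snapshot and the role names are constructed for this example; the /truck path, the reader_id and screen_type parameters and the _session_id cookie name are from the advisory. The JSON log format is an assumption.

```python
# Added example (not Kaleris YMS code). The log lines and session table are
# constructed; /truck, reader_id, screen_type and _session_id come from the
# advisory; role names and the JSON log layout are assumed.
import json
from typing import Optional
from urllib.parse import urlsplit

# Constructed snapshot of the session store: _session_id value -> user/role.
SESSIONS = {
    "s-driver-01": {"user": "d.jones", "role": "driver"},
    "s-ship-01": {"user": "s.smith", "role": "shipping_receiving"},
    "s-ship-02": {"user": "r.lee", "role": "shipping_receiving"},
}

# Constructed JSON access-log lines, one request per line (last one malformed).
LOG_LINES = [
    '{"ts":"2026-04-07T08:01:12Z","session_id":"s-driver-01","method":"GET","path":"/truck?reader_id=12&screen_type=live","status":200}',
    '{"ts":"2026-04-07T08:02:40Z","session_id":"s-ship-01","method":"GET","path":"/","status":200}',
    '{"ts":"2026-04-07T08:03:05Z","session_id":"s-ship-01","method":"GET","path":"/truck?reader_id=12&screen_type=live","status":200}',
    '{"ts":"2026-04-07T08:03:09Z","session_id":"s-ship-02","method":"GET","path":"/truck?reader_id=7&screen_type=queue","status":403}',
    '{"ts":"2026-04-07T08:04:00Z","session_id":"s-unknown","method":"GET","path":"/truck","status":200}',
    "not json at all",
]

# Path prefix -> roles entitled to it.
RESTRICTED = {"/truck": {"driver"}}


def parse_line(line: str) -> Optional[dict]:
    """Parse one JSON log line; malformed or incomplete lines yield None so
    a single bad line never aborts the review."""
    try:
        entry = json.loads(line)
    except json.JSONDecodeError:
        return None
    if not isinstance(entry, dict):
        return None
    if not {"ts", "session_id", "path", "status"} <= set(entry):
        return None
    return entry


def restricted_prefix(path: str) -> Optional[str]:
    """Return the restricted prefix a request path falls under, ignoring the
    query string and a trailing slash, or None if it is not restricted."""
    clean = urlsplit(path).path.rstrip("/") or "/"
    for prefix in RESTRICTED:
        if clean == prefix or clean.startswith(prefix + "/"):
            return prefix
    return None


def review(lines, sessions) -> list:
    """Flag every request to a restricted path whose session role is not
    entitled to it. Unknown sessions are flagged too rather than trusted."""
    findings = []
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        prefix = restricted_prefix(entry["path"])
        if prefix is None:
            continue
        sess = sessions.get(entry["session_id"])
        role = sess["role"] if sess else "unknown"
        if role in RESTRICTED[prefix]:
            continue
        findings.append({
            "ts": entry["ts"],
            "session_id": entry["session_id"],
            "user": sess["user"] if sess else "unknown",
            "role": role,
            "path": entry["path"],
            "status": entry["status"],
            # A 2xx/3xx means the dashboard was actually served.
            "severity": "confirmed" if entry["status"] < 400 else "attempt",
        })
    return findings


def sessions_to_revoke(findings) -> set:
    """Session IDs whose misuse was confirmed; candidates for revocation."""
    return {f["session_id"] for f in findings if f["severity"] == "confirmed"}


if __name__ == "__main__":
    for finding in review(LOG_LINES, SESSIONS):
        print(finding)
    print("revoke:", sorted(sessions_to_revoke(review(LOG_LINES, SESSIONS))))
```

Because the role comes from the session store rather than from anything in the request, a user cannot hide cross-role access by altering query parameters, and a request whose session is not in the store at all is treated as unexplained rather than harmless.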