CVE-2024-45786

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to

Publication date: 2024-09-11

Last updated on: 2024-09-18

Description

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating a parameter through API request URL which could lead to gain unauthorized access to sensitive information belonging to other users.

CVSS Scores

Affected Vendors & Products

Vendor	Product	Version
reedos	aim-star	2.0.1

Helpful Resources

Third Party Advisory

Exploitability

CWE ID	Description
CWE-639	Authorization Bypass Through User-Controlled Key

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

Meta Information

Date published:

2024-09-11

Date last modified:

2024-09-18

Date generated:

2025-01-15

NVD report:

CVE-2024-45786