CVE-2024-45788

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to

Publication date: 2024-09-11

Last updated on: 2024-09-18

Description

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP bombingflooding on the targeted system.

CVSS Scores

Affected Vendors & Products

Vendor	Product	Version
reedos	aim-star	2.0.1

Helpful Resources

Third Party Advisory

Exploitability

CWE ID	Description
NVD-CWE-Other

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

Meta Information

Date published:

2024-09-11

Date last modified:

2024-09-18

Date generated:

2025-01-15

NVD report:

CVE-2024-45788