CVE-2024-45790

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to

Publication date: 2024-09-11

Last updated on: 2024-09-18

Description

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for excessive failed authentication attempts on its API based login. A remote attacker could exploit this vulnerability by conducting a brute force attack against legitimate user passwords, which could lead to gain unauthorized access and compromise other user accounts.

CVSS Scores

Affected Vendors & Products

Vendor	Product	Version
reedos	aim-star	2.0.1

Helpful Resources

Third Party Advisory

Exploitability

CWE ID	Description
CWE-307	Improper Restriction of Excessive Authentication Attempts

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

Meta Information

Date published:

2024-09-11

Date last modified:

2024-09-18

Date generated:

2025-01-15

NVD report:

CVE-2024-45790