admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-29 01:31:47 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2024/47xxx/CVE-2024-47089.json
CVE Team e572459280
"-Synchronized-Data."
2024-09-19 07:00:33 +00:00

89 lines
2.8 KiB
JSON
Raw Blame History

{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2024-47089",
"ASSIGNER": "vdisclose@cert-in.org.in",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "This vulnerability exists in the Apex Softcell LD Geo due to improper validation of the transaction token ID in the API endpoint. An authenticated remote attacker could exploit this vulnerability by manipulating the transaction token ID in the API request leading to unauthorized access and modification of transactions belonging to other users."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-354: Improper Validation of Integrity Check Value",
"cweId": "CWE-354"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Apex Softcell",
"product": {
"product_data": [
{
"product_name": "LD Geo",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "<4.0.0.7"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0296",
"refsource": "MISC",
"name": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0296"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Upgrade Apex Softcell LD Geo to version 4.0.0.7<br>"
}
],
"value": "Upgrade Apex Softcell LD Geo to version 4.0.0.7"
}
],
"credits": [
{
"lang": "en",
"value": "This vulnerability is reported by Mohit Gadiya."
}
]
}
Reference in New Issue View Git Blame Copy Permalink