CVE-2024-51559 | Brokerage Technology Solutions Wave 2.0 up to 1.1.6 API Endpoint user_id authorization (CIVN-2024-0332)

Posted by Angelo Barbosa | Nov 4, 2024 | CVE

A vulnerability was found in Brokerage Technology Solutions Wave 2.0 up to 1.1.6. It has been classified as problematic. Affected is an unknown function of the component API Endpoint. The manipulation of the argument user_id leads to authorization bypass.

This vulnerability is traded as CVE-2024-51559. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-51559 | Brokerage Technology Solutions Wave 2.0 up to 1.1.6 API Endpoint user_id authorization (CIVN-2024-0332)

Related Posts

CVE-2024-1628 | GE HealthCare Venue os command injection

CVE-2024-37163 | oslabs-beta SkyScraper = 1.0.0 HTTP Request cleartext transmission

CVE-2023-6158 | EventON Plugin up to 2.2.7/4.5.4 on WordPress evo_eventpost_update_meta authorization

CVE-2024-7029 | AVTECH AVM1203 up to FullImg-1023-1007-1011-1009 command injection (icsa-24-214-07)