CVE-2024-51559 | Brokerage Technology Solutions Wave 2.0 up to 1.1.6 API Endpoint user_id authorization (CIVN-2024-0332)

Posted by Angelo Barbosa | Nov 4, 2024 | CVE

A vulnerability was found in Brokerage Technology Solutions Wave 2.0 up to 1.1.6. It has been classified as problematic. Affected is an unknown function of the component API Endpoint. The manipulation of the argument user_id leads to authorization bypass.

This vulnerability is traded as CVE-2024-51559. It is possible to launch the attack remotely. There is no exploit available.

CVE-2024-51559 | Brokerage Technology Solutions Wave 2.0 up to 1.1.6 API Endpoint user_id authorization (CIVN-2024-0332)

Related Posts

CVE-2023-48759 | Crocoblock JetElements for Elementor Plugin up to 2.6.13 on WordPress authorization

CVE-2024-20448 | Cisco Data Center Network Manager up to 12.2.1 Nexus Dashboard cleartext storage in a file or on disk (cisco-sa-ndfc-cidv-XvyX2wLj)

CVE-2024-34206 | Totolink CP450 4.1.0cu.747_B20191224 setWebWlanIdx webWlanIdx command injection

CVE-2024-11447 | peepso Community Plugin up to 6.4.6.2 on WordPress filter cross site scripting