- Description
- The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account information and privileges, leading to privilege escalation.
- Source
- twcert@cert.org.tw
- NVD status
- Received
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- twcert@cert.org.tw
- CWE-639
- Hype score
- Not currently trending
CVE-2024-13040 (CVSS:8.8, HIGH) is Awaiting Analysis. The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling ..https://t.co/8nQwgRDASh #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
5 Jan 2025
11 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-13040 The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key vulnerability. By controlling the user ID parameter, remote attackers with r… https://t.co/ZXMvDHOuLR
@CVEnew
31 Dec 2024
508 Impressions
0 Retweets
3 Likes
1 Bookmark
0 Replies
0 Quotes
[CVE-2024-13040: HIGH] Quanta Computer's QOCA device vulnerable to Authorization Bypass Through User-Controlled Key, allowing remote attackers to gain unauthorized access and escalate privileges.#cybersecurity,#vulnerability https://t.co/TDwhHQTsUr https://t.co/Y0db5Vo9gl
@CveFindCom
31 Dec 2024
52 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes