- Description
- The Electronic Official Document Management System from 2100 Technology has an Authentication Bypass vulnerability. Although the product enforces an IP whitelist for the API used to query user tokens, unauthenticated remote attackers can still deceive the server to obtain tokens of arbitrary users, which can then be used to log into the system.
- Source
- twcert@cert.org.tw
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- twcert@cert.org.tw
- CWE-290
- Hype score
- Not currently trending
CVE-2024-13061 Authentication Bypass in 2100 Technology's Document Management System The Electronic Official Document Management System by 2100 Technology has an Authentication Bypass issue. The product uses an I... https://t.co/Gp4hDXQt0b
@VulmonFeeds
31 Dec 2024
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-13061: CRITICAL] 2100 Technology's Electronic Official Document Management System faces a serious Authentication Bypass vulnerability. Attackers can exploit this flaw to obtain user tokens and gain unau...#cybersecurity,#vulnerability https://t.co/jxiHtwG8MU https://t.c
@CveFindCom
31 Dec 2024
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-13061 The Electronic Official Document Management System from 2100 Technology has an Authentication Bypass vulnerability. Although the product enforces an IP whitelist for … https://t.co/wo5AAfFq6q
@CVEnew
31 Dec 2024
439 Impressions
0 Retweets
3 Likes
0 Bookmarks
0 Replies
0 Quotes