- Description: Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully log into the application or access restricted data without proper authorization. The lack of server-side validation exacerbates the issue, as the application relies on client-side information for authentication.
- Source: cve@mitre.org
- NVD status: Received
CVSS 3.1
- Type: Secondary
- Base score: 7.5
- Impact score: 3.6
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
- Severity: HIGH
- 134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-290
- Hype score: Not currently trending
CVE-2024-55470 (CVSS:7.5, HIGH) is Awaiting Analysis. Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can .. https://t.co/5zBMq5UyQ7 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
25 Dec 2024
CVE-2024-55470 Unauthorized Access Vulnerability in Oqtane Framework 6.0.0 Oqtane Framework 6.0.0 has an Incorrect Access Control vulnerability. Attackers can misuse the entityid parameter. They can skip passcode... https://t.co/8YRVGLnJ61
@VulmonFeeds
20 Dec 2024
CVE-2024-55470 Oqtane Framework 6.0.0 is vulnerable to Incorrect Access Control. By manipulating the entityid parameter, attackers can bypass passcode validation and successfully lo… https://t.co/oRyuJ3wSs7
@CVEnew
20 Dec 2024