Medium severity6.5NVD Advisory· Published Jan 18, 2024· Updated Jun 17, 2026
CVE-2024-0580
CVE-2024-0580
Description
Omission of user-controlled key authorization in the IDMSistemas platform, affecting the QSige product. This vulnerability allows an attacker to extract sensitive information from the API by making a request to the parameter '/qsige.locator/quotePrevious/centers/X', where X supports values 1,2,3, etc.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- www.incibe.es/en/incibe-cert/notices/aviso/omission-key-controlled-authorization-qsigenvdThird Party Advisory
News mentions
0No linked articles in our index yet.