Unrated severityNVD Advisory· Published Sep 3, 2024· Updated Sep 4, 2024
Account Take Over Vulnerability
CVE-2024-45586
Description
This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms (version 2.0.0.1_P160). An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lead to unauthorized account take over belonging to other users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 2.0.0.1_P160
- Range: 2.0.0.1_P160
Patches
Vulnerability mechanics
References
1- www.cert-in.org.in/s2cMainServletmitrethird-party-advisory
News mentions
0No linked articles in our index yet.