Unrated severityNVD Advisory· Published Sep 3, 2024· Updated Sep 4, 2024
Information Disclosure Vulnerability
CVE-2024-45588
Description
This vulnerability exists in Symphony XTS Web Trading platform version 2.0.0.1_P160 due to improper access controls on APIs in the Preference module of the application. An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lead to unauthorized access and modification of sensitive information belonging to other users.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: = 2.0.0.1_P160
- Range: 2.0.0.1_P160
Patches
Vulnerability mechanics
References
1- www.cert-in.org.in/s2cMainServletmitrethird-party-advisory
News mentions
0No linked articles in our index yet.