CVE-2024-42165
6.3MEDIUMInsufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link.
Veröffentlicht: 8/12/2024Aktualisiert: 8/29/2024
Beschreibung
Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link.
KI-AnalyseKI-gestützt
Betroffene Produkte
fiwarekeyrock
Referenzen
- https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisoriesExploitThird Party Advisory