CVE-2024-42163
8.3HIGHInsufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to take over the account of any user by predicting the token for the password reset link.
Publicado: 8/12/2024Actualizado: 8/29/2024
Descripción
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to take over the account of any user by predicting the token for the password reset link.
Análisis IAImpulsado por IA
Productos Afectados
fiwarekeyrock
Referencias
- https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisoriesExploitThird Party Advisory