CVE-2024-42165
6.3MEDIUMInsufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link.
Publicado: 8/12/2024Actualizado: 8/29/2024
Descripción
Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link.
Análisis IAImpulsado por IA
Productos Afectados
fiwarekeyrock
Referencias
- https://www.ait.ac.at/themen/cyber-security/pentesting/security-advisoriesExploitThird Party Advisory