216.73.217.126

CVE-2024-51559

· Published 04/11/2024 13:17 · Modified 22/11/2024 12:15

Labels: CVE-2024-51559 2024-11-04CVE-2024-51559CWE-639[email protected]

Essential information

Published
04/11/2024 13:17
Modified
22/11/2024 12:15
Author
Creator
CVSS
6.5 MEDIUM (v3.1)
CISA KEV
No
CWE
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

CVSS metrics

Description

This vulnerability exists in the Wave 2.0 due to improper authorization checks on certain API endpoints. An authenticated remote attacker could exploit this vulnerability by manipulating API input parameters to gain unauthorized access and perform malicious activities on other user accounts.

NVD status

Status
Modified — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
63moons / aero cpe:2.3:a:63moons:aero:*:*:*:*:*:*:*:*
63moons / wave 2.0 cpe:2.3:a:63moons:wave_2.0:*:*:*:*:*:*:*:*

References