Security Advisory

CVE-2024-45586

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-09-03 10:02:29

Last updated 2024-09-04 11:18:59

Assigner CERT-In

State PUBLISHED

Description

This vulnerability exists due to improper access controls on APIs in the Authentication module of Symphony XTS Web Trading and Mobile Trading platforms (version 2.0.0.1_P160). An authenticated remote attacker could exploit this vulnerability by manipulating parameters through HTTP request which could lead to unauthorized account take over belonging to other users.

← Browse all CVEs View on cve.org ↗