Brute Force Attack Vulnerability in Reedos aiM-Star 2.0.1 Could Lead to Unauthorized Access
CVE-2024-45790

9.8 CRITICAL

What is CVE-2024-45790?

The vulnerability in the Reedos aiM-Star version 2.0.1 arises from inadequate restrictions on failed authentication attempts within its API-based login interface. This deficiency allows remote attackers to execute brute force attacks against legitimate user credentials. Successful exploitation of this weakness may result in unauthorized access to user accounts, potentially leading to further compromises within the affected systems. Immediate action is required to mitigate risks associated with this vulnerability.
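The missing control described above, restricting failed authentication attempts, can be sketched as follows. This is an added example, not code from the advisory or from the vendor; `LoginThrottle`, `handle_login`, the `password_ok` stand-in for the real credential check, and the thresholds are all assumptions chosen for illustration.

```python
import time
from collections import defaultdict, deque

class LoginThrottle:
    """Sliding-window limit on failed logins, tracked per account and per client."""

    def __init__(self, max_failures=5, window=300.0, lockout=900.0, clock=time.monotonic):
        self.max_failures, self.window, self.lockout = max_failures, window, lockout
        self.clock = clock                    # injectable so tests can control time
        self.failures = defaultdict(deque)    # key -> timestamps of recent failures
        self.locked_until = {}                # key -> time at which the lock expires

    def _keys(self, username, client_ip):
        # Two dimensions: many clients guessing one account, and one client
        # guessing many accounts. Usernames are normalised so case changes
        # do not create fresh counters.
        return ("user", username.lower()), ("ip", client_ip)

    def allowed(self, username, client_ip):
        now = self.clock()
        return all(self.locked_until.get(k, 0.0) <= now
                   for k in self._keys(username, client_ip))

    def record(self, username, client_ip, success):
        now = self.clock()
        user_key, ip_key = self._keys(username, client_ip)
        if success:
            # Reset only the account counter. Clearing the client counter here
            # would let one known-good login wipe out a run of failed guesses.
            self.failures.pop(user_key, None)
            return
        for key in (user_key, ip_key):
            recent = self.failures[key]
            recent.append(now)
            while recent and recent[0] <= now - self.window:
                recent.popleft()              # drop failures outside the window
            if len(recent) >= self.max_failures:
                self.locked_until[key] = now + self.lockout
                recent.clear()

def handle_login(throttle, username, client_ip, password_ok):
    """Return the HTTP status a login API would send for this attempt."""
    if not throttle.allowed(username, client_ip):
        return 429    # refuse before checking the password, so a lock leaks nothing
    throttle.record(username, client_ip, password_ok)
    return 200 if password_ok else 401
```

Locking by account lets anyone who knows a username lock out its owner, so the per-account limit is usually set with a short lockout and paired with alerting on repeated 429 responses.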

Affected Version(s)

Mutual Fund Distribution Product (aiM-Star) 2.0.1

CVSS V3.1

Score: 9.8
Severity: CRITICAL
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

This vulnerability was reported by Mohit Gadiya.