Authorization Bypass Through User-Controlled Key Vulnerability Affects Apinizer Management Console
CVE-2024-5619

9.6CRITICAL

Key Information:

Vendor: Pruvasoft Informatics
Status: Apinizer Management Console
Vendor: CVE Published:; 18 July 2024

🔔 Create Pruvasoft Informatics Vulnerability Alert

What is CVE-2024-5619?

A vulnerability in PruvaSoft Informatics' Apinizer Management Console permits an authorization bypass through user-controlled keys, potentially leading to unauthorized access due to improperly configured access control security levels. This issue affects versions released prior to 2024.05.1, highlighting the importance of implementing proper security measures and configurations to safeguard sensitive data and maintain system integrity.

Affected Version(s)

Apinizer Management Console 0 < 2024.05.1

References

https://www.usom.gov.tr/bildirim/tr-24-1010

CVSS V3.1

Score:

9.6

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 18, 2024
Vulnerability Reserved
Jun 4, 2024

Credit

Musa ATALAY