Back to search
CVE-2021-35060
Published: Oct 11, 2021
Modified: Aug 4, 2024
PUBLISHED
Description
/way4acs/enroll in OpenWay WAY4 ACS before 1.2.278-2693 allows unauthenticated attackers to leverage response differences to discover whether a specific payment card number is stored in the system.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://www.openwaygroup.com/way4-platform
x_refsource_MISC
https://gist.github.com/exviry/9527ce2ccdc0718d3ffd1e3ca62cf304
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now