CVE-2024-45919

Published: Oct 7, 2024

Modified: Oct 8, 2024

PUBLISHED

Description

A security flaw has been discovered in Solvait version 24.4.2 that allows an attacker to elevate their privileges. By manipulating the Request ID and Action Type parameters in /AssignToMe/SetAction, an attacker can bypass approval workflows leading to unauthorized access to sensitive information or approval of fraudulent requests.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://gist.github.com/ipxsec/28afaf965389283a68433c7afd54d17a

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2024-45919

Description

Affected Products

References