Back to search
CVE-2024-47086
Published: Sep 19, 2024
Modified: Sep 19, 2024
PUBLISHED
Description
This vulnerability exists in Apex Softcell LD DP Back Office due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by providing arbitrary OTP value for authentication and subsequently changing its API response. Successful exploitation of this vulnerability could allow the attacker to bypass OTP verification for other user accounts.
| Vendor | Product | Versions |
|---|---|---|
Apex Softcell | LD DP Back Office | affected <24.8.21.1 |
Weaknesses (CWE)
References
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now