TVN ID | TVN-202105003 |
---|---|
CVE ID | CVE-2021-32541 |
CVSS | 5.3 (Medium) CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Affected Products | SysJust CTS Web version released 2021.3.24 |
Description | The CTS Web transaction system related to authentication and session management is implemented incorrectly, which allows remote unauthenticated attackers can send a large number of valid usernames, and force those logged-in account to log out, causing the user to be unable to access the services. |
Solution | Update CTS to version released after 2021.3.24 |
Credit | Jia-Rong Chen |
Public Date | 2021-05-28 |