TVN ID | TVN-202407001 |
---|---|
CVE ID | CVE-2024-3122 |
CVSS | 4.9 (Medium) CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Affected Products | Mobile One Time Password version 3.11.2 and earlier. |
Description | CHANGING Mobile One Time Password does not properly filter parameters for the file download functionality, allowing remote attackers with administrator privilege to read arbitrary file on the system. |
Solution | Update to MOTP 3.11.3 Patch 1 or later version or install the patch. |
Credit | Vtim(DEVCORE) |
Public Date | 2024-07-01 |