CVE-2024-51560

CVSS 3.1 Score 4.3 of 10 (medium)

Details

Published Nov 4, 2024
Updated: Nov 8, 2024
CWE ID 209

Summary

CVE-2024-51560 is a vulnerability found in the Wave 2.0 API. It arises due to inadequate exception handling for invalid user ID inputs at specific endpoints. An authenticated attacker can exploit this issue by sending incorrect user IDs in API requests. Consequentially, the system generates an error message containing sensitive information, which the attacker can access remotely.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share