CVE-2024-51560
CVSS 3.1 Score 4.3 of 10 (medium)
Details
Published Nov 4, 2024
Updated: Nov 8, 2024
CWE ID 209
Summary
CVE-2024-51560 is a vulnerability found in the Wave 2.0 API. It arises due to inadequate exception handling for invalid user ID inputs at specific endpoints. An authenticated attacker can exploit this issue by sending incorrect user IDs in API requests. Consequentially, the system generates an error message containing sensitive information, which the attacker can access remotely.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share