Quanta Computer · Qoca Aim · CVE-2024-13040
**Name of the Vulnerable Software and Affected Versions**
Quanta Computer's QOCA aim (affected versions not specified)
**Description**
The QOCA aim from Quanta Computer has an Authorization Bypass Through User-Controlled Key issue. By controlling the `user ID` parameter, remote attackers with regular privileges could access certain features as any user, modify any user's account information and privileges, leading to privilege escalation.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.