PT-2024-24730 · Unknown · Yms Vis Pro

Remediata · Published 2024-05-13 · Updated 2024-05-14 · CVE-2024-3263

CVSS v3.1: 9.8 Critical

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

YMS VIS Pro versions prior to 3.3.0.7

Description

The issue arises from a combination of an improper method for system credentials generation and a weak password policy, allowing passwords to be easily guessed and enumerated through brute force attacks. This can lead to unauthorized access and the execution of operations based on assigned user permissions.

Recommendations

For versions prior to 3.3.0.7, update the authentication mechanisms and implement an additional authentication layer along with strong password policies to mitigate the issue.

Fix

Improper Authentication

Weakness Enumeration

Related Identifiers

CVE-2024-3263

Affected Products

Yms Vis Pro