PT-2024-26702 · Unknown · Acurax Under Construction / Maintenance Mode

Mika

Published

2024-06-10

Updated

2024-06-12

CVE-2024-35749

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Acurax Under Construction / Maintenance Mode versions through 2.6

Description The issue is related to an Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode. This vulnerability allows for authentication bypass.

Recommendations For versions through 2.6, update to a version that contains a fix for this issue, however at the moment there is no information about a newer version that contains a fix for this issue. As a temporary workaround, consider restricting access to sensitive areas of the application to minimize the risk of exploitation.

Fix

Authentication Bypass by Spoofing

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-290

Related Identifiers

CVE-2024-35749

Affected Products

Acurax Under Construction / Maintenance Mode

PT-2024-26702 · Unknown · Acurax Under Construction / Maintenance Mode

CVE-2024-35749

Weakness Enumeration

Related Identifiers

Affected Products

References · 5