CVE-2024-38890

Name of the Vulnerable Software and Affected Versions Horizon Business Services Inc. Caterease Software versions 16.0.1.1663 through 24.0.1.2405

Description The issue allows a local attacker to perform an Authentication Bypass by Capture-replay attack due to insufficient protection against capture-replay attacks.

Recommendations For versions 16.0.1.1663 through 24.0.1.2405, consider implementing additional security measures to protect against capture-replay attacks, such as enhancing authentication protocols or using encryption to secure data transmission, until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.