CVE-2024-45786

Name of the Vulnerable Software and Affected Versions: Reedos aiM-Star version 2.0.1

Description: This issue exists due to improper access controls on certain API endpoints. An authenticated remote attacker could exploit this by manipulating a parameter through the API request URL, potentially gaining unauthorized access to sensitive information belonging to other users.

Recommendations: For Reedos aiM-Star version 2.0.1, consider restricting access to the vulnerable API endpoints until a patch is available. As a temporary workaround, avoid using manipulated parameters in API requests to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.