PT-2025-1985 · Algo Edge · Algo Edge
Published
2025-01-17
·
Updated
2025-01-18
·
CVE-2024-13026
CVSS v4.0
6.1
Medium
| Vector | AV:A/AC:H/AT:P/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:N/R:A/V:D/RE:L/U:Clear |
Name of the Vulnerable Software and Affected Versions
Algo Edge versions up to 2.1.1
Description
A vulnerability exists in the authentication mechanism of Algo Edge, which could allow an attacker with adjacent access to the laboratory network and the Algo Edge system to craft valid authentication tokens and access the component. This issue impacts a previously used (legacy) component of navify Algorithm Suite, and other components of the suite are not affected.
Recommendations
For Algo Edge versions up to 2.1.1, consider disabling the authentication mechanism temporarily until a patch is available. Restrict access to the Algo Edge system to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Inadequate Encryption Strength
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Algo Edge