A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function.
CPE | Name | Operator | Version |
---|---|---|---|
rbs_bs-client._retail_client | eq | 2.5 | |
rbs_bs-client._retail_client | eq | 2.4 |