Lucene search
K
ApexsoftcellLd Geo

5 matches found

CVE
CVE
added 2024/09/19 6:18 a.m.90 views

CVE-2024-47089

Affected software: Apex Softcell LD Geo. Vulnerability: Improper validation of the transaction token ID in the API endpoint, enabling an authenticated remote attacker to manipulate the token ID and access/modify transactions belonging to other users. Impact: Unauthorized access and modification o...

8.7CVSS6.4AI score0.00227EPSS
CVE
CVE
added 2024/09/19 6:3 a.m.87 views

CVE-2024-47086

Apex Softcell LD DP Back Office is affected by CVE-2024-47086 due to improper OTP validation in certain API endpoints. The vulnerability allows an authenticated remote attacker to supply arbitrary OTP values, potentially bypassing OTP verification for other user accounts and altering API response...

8.7CVSS6.6AI score0.00474EPSS
CVE
CVE
added 2024/09/19 6:13 a.m.84 views

CVE-2024-47088

CVE-2024-47088 affects Apex Softcell LD Geo and stems from missing restrictions on excessive failed authentication attempts via its API login, enabling brute-force attempts on login OTP. Public sources (NVD/Red Hat/CVE List) describe a high-severity impact (unauthorized access possible; CVSS scor...

9.8CVSS9.6AI score0.00564EPSS
CVE
CVE
added 2024/09/19 6:8 a.m.81 views

CVE-2024-47087

CVE-2024-47087 affects Apex Softcell LD Geo. The vulnerability is caused by improper validation of parameters in the API endpoint (e.g., Client ID, DPID, BOID) within the application, enabling an authenticated remote attacker to manipulate API request body parameters and cause exposure of sensiti...

8.7CVSS6.3AI score0.00436EPSS
CVE
CVE
added 2024/09/19 5:56 a.m.77 views

CVE-2024-47085

The CVE-2024-47085 vulnerability affects Apex Softcell LD DP Back Office, arising from improper validation of API parameters cCdslClicentcode and cLdClientCode in the API endpoint. An authenticated remote attacker could manipulate request body parameters to expose sensitive information from other...

8.7CVSS6.3AI score0.00436EPSS