CVE-2024-42164

NVD Published Date: August 12, 2024 at 01:38 PM
NVD Last Modified: August 29, 2024 at 03:19 PM
Download Patch
Vulnerability ID
CVE-2024-42164
Severity
MEDIUM
Severity Score
4.3
Summary
Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa link.
Mitigation and Patches
-
Metasploit Payload
-
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
CWE ID
CWE-330

Recent Publish

CVE-2024-6758

CVE-2024-40480

CVE-2024-7686

CVE-2024-6760

CVE-2024-38219

CVE-2024-7416

See SecOps Solution
in action

Schedule Demo