CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-51560

This vulnerability exists in the Wave 2.0 due to improper exception handling for invalid inputs at certain API endpoint. An authenticated remote attacker could exploit this vulnerability by providing invalid inputs for “userId” parameter in the API request leading to generation of error message containing sensitive information on the targeted system.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 21.7%

CVSS Severity

CVSS v3 Score 4.3

References

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0332

Products affected by CVE-2024-51560

63moons » Aero » Version: Any

cpe:2.3:a:63moons:aero:*
63moons » Wave 2.0 » Version: Any

cpe:2.3:a:63moons:wave_2.0:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-51560

Products

Pricing

Contact Us