Auth bypass in Budgetcontrol Gateway
CVE-2024-52528
Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens, which allows attackers to bypass intend…
EPSS: 0.006 (41.9th percentile) — read the EPSS interpretation.
Affected products
- Budgetcontrol Gateway — versions < 1.5.2
Weakness classification (CWE)
References
- security-advisories@github.com (x_refsource_CONFIRM)