Reedos Aim-star
5 CVEs affecting Reedos Aim-star. Latest disclosed: 2024-09-11. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-45790 | Critical | 9.8 | 2024-09-11 | This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing restrictions for excessive failed authentication attempts on its API based login. A r… |
CVE-2024-45788 | High | 7.5 | 2024-09-11 | This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attac… |
CVE-2024-45787 | Medium | 6.5 | 2024-09-11 | This vulnerability exists in Reedos aiM-Star version 2.0.1 due to transmission of sensitive information in plain text in certain API endpoints. An authenticate… |
CVE-2024-45786 | Medium | 6.5 | 2024-09-11 | This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper access controls on its certain API endpoints. An authenticated remote attacker could… |
CVE-2024-45789 | Medium | 4.3 | 2024-09-11 | This vulnerability exists in Reedos aiM-Star version 2.0.1 due to improper validation of the ‘mode’ parameter in the API endpoint used during the registration… |