CVE-2024-45788

This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP bombing/flooding on the targeted system.

CVSS v3 7.5 HIGH

7.5^/10

CVSS v3 : HIGH

Vector :

Exploitability : 3.9 / Impact : 3.6

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0291	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:reedos:aim-star:2.0.1:*:*:*:*:*:*:*

History

18 Sep 2024, 19:57

Type	Values Removed	Values Added
Summary		(es) Esta vulnerabilidad existe en la versión 2.0.1 de Reedos aiM-Star debido a la falta de limitación de velocidad en las solicitudes OTP en determinados endpoints de API. Un atacante remoto autenticado podría aprovechar esta vulnerabilidad enviando múltiples solicitudes OTP a través de endpoints de API vulnerables, lo que podría provocar un bombardeo o inundación de OTP en el sistema de destino.
CPE		cpe:2.3:a:reedos:aim-star:2.0.1:::::::*
References	~~() https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0291 -~~	() https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0291 - Third Party Advisory
First Time		Reedos aim-star Reedos
CWE		NVD-CWE-Other
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 7.5

11 Sep 2024, 12:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-09-11 12:15

Updated : 2024-09-18 19:57

NVD link : CVE-2024-45788

Mitre link : CVE-2024-45788

CVE.ORG link : CVE-2024-45788

JSON object : View

Products Affected

reedos

aim-star

CWE

NVD-CWE-Other CWE-799

Improper Control of Interaction Frequency

{"id": "CVE-2024-45788", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 3.9}], "cvssMetricV40": [{"type": "Secondary", "source": "vdisclose@cert-in.org.in", "cvssData": {"safety": "NOT_DEFINED", "version": "4.0", "recovery": "NOT_DEFINED", "baseScore": 8.7, "automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "modifiedAttackVector": "NOT_DEFINED", "integrityRequirements": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "availabilityRequirements": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subsequentSystemIntegrity": "NONE", "vulnerableSystemIntegrity": "NONE", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "confidentialityRequirements": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "subsequentSystemAvailability": "NONE", "vulnerableSystemAvailability": "HIGH", "subsequentSystemConfidentiality": "NONE", "vulnerableSystemConfidentiality": "NONE", "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", "modifiedSubsequentSystemAvailability": "NOT_DEFINED", "modifiedVulnerableSystemAvailability": "NOT_DEFINED", "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED"}}]}, "published": "2024-09-11T12:15:02.230", "references": [{"url": "https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2024-0291", "tags": ["Third Party Advisory"], "source": "vdisclose@cert-in.org.in"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}, {"type": "Secondary", "source": "vdisclose@cert-in.org.in", "description": [{"lang": "en", "value": "CWE-799"}]}], "descriptions": [{"lang": "en", "value": "This vulnerability exists in Reedos aiM-Star version 2.0.1 due to missing rate limiting on OTP requests in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoints which could lead to the OTP bombing/flooding on the targeted system."}, {"lang": "es", "value": "Esta vulnerabilidad existe en la versi\u00f3n 2.0.1 de Reedos aiM-Star debido a la falta de limitaci\u00f3n de velocidad en las solicitudes OTP en determinados endpoints de API. Un atacante remoto autenticado podr\u00eda aprovechar esta vulnerabilidad enviando m\u00faltiples solicitudes OTP a trav\u00e9s de endpoints de API vulnerables, lo que podr\u00eda provocar un bombardeo o inundaci\u00f3n de OTP en el sistema de destino."}], "lastModified": "2024-09-18T19:57:10.203", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:reedos:aim-star:2.0.1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B863974A-47F2-4A3A-9614-26F30737B0FD"}], "operator": "OR"}]}], "sourceIdentifier": "vdisclose@cert-in.org.in"}