CVE-2024-45785
CVE-2024-45785
In short
MUSASI version 3 relies on authentication checks performed on the user's browser instead of the server. An attacker can bypass these checks to access other users' credentials and sensitive information.
Technical detail
CWE-603 vulnerability in MUSASI v3 uses client-side authentication validation, allowing attackers to circumvent security controls and retrieve other users' credentials and sensitive data. The attack requires network access to intercept or modify client-side authentication logic, with no server-side validation to prevent unauthorized access.
Summary generated and translated by AI from the official description.
MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
NEUMANN CO.LTD. · MUSASIWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
https://jvn.jp/en/jp/JVN31982676/