The CTS Web transaction system related to authentication and session management is implemented incorrectly, which allows remote unauthenticated attackers can send a large number of valid usernames, and force those logged-in account to log out, causing the user to be unable to access the services
References
Link | Resource |
---|---|
https://www.twcert.org.tw/tw/cp-132-4757-893eb-1.html | Third Party Advisory |
https://www.chtsecurity.com/news/40e165e2-e539-49bc-bcf1-e3b27c29e344 | Third Party Advisory |
Configurations
Information
Published : 2021-05-28 01:15
Updated : 2022-06-03 12:44
NVD link : CVE-2021-32541
Mitre link : CVE-2021-32541
JSON object : View
CWE
CWE-287
Improper Authentication
Products Affected
sysjust
- cts_web