CVE-2024-5168

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published May 23, 2024

Updated: May 24, 2024

CWE ID 284

Summary

CVE-2024-5168 is an improper access control vulnerability affecting Prodys' Quantum Audio codec, specifically versions 2.3.4t and below. This issue grants unauthenticated users the ability to bypass authentication, resulting in complete bypass of authentication checks. Consequently, attackers can execute arbitrary API requests against the vulnerable web application. This vulnerability poses a significant risk and requires prompt patching to prevent potential unauthorized access and manipulation.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/wCvVI-
https://www.cve.org/CVERecord?id=CVE-2024-5168
https://nvd.nist.gov/vuln/detail/CVE-2024-5168

Back to Vulnerability Database

CVE-2024-5168

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations