Description

A vulnerability in Kaiten version 57.131.12 and earlier allows attackers to bypass the PIN code authentication mechanism. The application requires users to input a 6-digit PIN code sent to their email for authorization after entering their login credentials. However, the request limiting mechanism can be easily bypassed, enabling attackers to perform a brute force attack to guess the correct PIN and gain unauthorized access to the application.

INFO

Published Date :

2024-10-01T00:00:00.000Z

Last Modified :

2024-10-01T14:49:47.454Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-41276 vulnerability.

Vendors Products
Kaiten
  • Kaiten
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-41276.

URL Resource
https://github.com/artemy-ccrsky/CVE-2024-41276 cve-icon cve-icon
https://kaiten.ru/ cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact