Authorization bypass can be achieved by session ID prediction in MASmobile Classic Android version 1.16.18 and earlier and
MASmobile Classic iOS version 1.7.24 and earlier
which allows remote attackers to retrieve sensitive data including customer data, security system status, and event history.
References
Configurations
No configuration.
History
No history.
Information
Published : 2024-03-16 05:15
Updated : 2024-03-21 22:15
NVD link : CVE-2023-36483
Mitre link : CVE-2023-36483
CVE.ORG link : CVE-2023-36483
JSON object : View
Products Affected
No product.
CWE
CWE-639
Authorization Bypass Through User-Controlled Key