The CTS Web transaction system related to authentication management is implemented incorrectly. After login, remote attackers can manipulate cookies to access other accounts and trade in the stock market with spoofed identity.
References
Link | Resource |
---|---|
https://www.chtsecurity.com/news/40e165e2-e539-49bc-bcf1-e3b27c29e344 | Third Party Advisory |
https://www.twcert.org.tw/tw/cp-132-4759-92eab-1.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: twcert
Published: 2021-05-28T00:00:00
Updated: 2021-07-21T10:25:29
Reserved: 2021-05-10T00:00:00
Link: CVE-2021-32543
JSON object: View
NVD Information
Status : Analyzed
Published: 2021-05-28T08:15:07.137
Modified: 2022-05-27T14:05:53.017
Link: CVE-2021-32543
JSON object: View
Redhat Information
No data.
CWE