CVE-2024-45785

Published: Oct 25, 2024Modified: Jun 17, 2026

7.5

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

MUSASI version 3 contains an issue with use of client-side authentication. If this vulnerability is exploited, other users' credential and sensitive information may be retrieved.

Affected (1)

Products: Neumann: Musasi

Neumann

1 product

Musasi

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Neumann Musasi	Version 3

Related CWEs

CWE-603

Use of Client-Side Authentication

A client/server product performs authentication within client code but not in server code, allowing server-side authentication to be bypassed via a modified client that omits the authentication check.

References (1)

https://jvn.jp/en/jp/JVN31982676/

Source: vultures@jpcert.or.jp

Third Party Advisory

Timeline

No history available yet.