CVE-2021-28174

Summary

Mitake smart stock selection system contains a broken authentication vulnerability. By manipulating the parameters in the URL, remote attackers can gain the privileged permissions to access transaction record, and fraudulent trading without login.

Affected Software

VendorProductVersion RangeStatus
MitakeMitake Smart Stock Selection Systemunspecified <= 2020/06/23affected

Weaknesses

  • CWE-287: CWE-287 Improper Authentication

ADP Enrichment

CVE Program Container

Additional References

References