A Two-Factor Authentication Bypass Vulnerability exists in BS-Client Private Client 2.4 and 2.5 via an XML request that neglects the use of ADPswID and AD parameters, which could let a malicious user access privileged function.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
bssys rbs bs-client. retail client 2.4 |
||
bssys rbs bs-client. retail client 2.5 |