Insecure Direct Object Reference vulnerability in HYPR Server before version 6.14.1 allows remote authenticated malicious users to add a FIDO2 authenticator to arbitrary accounts via parameter tampering in the Device Manager page. This issue affects: HYPR Server versions before 6.14.1.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
hypr hypr server |