CVE-2025-29998 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

This vulnerability exists in the CAP back office application due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker c…
High CVSS: 8.2

CVE-2025-29998

This vulnerability exists in the CAP back office application due to missing rate limiting on OTP requests in an API endpoint. An authenticated remote attacker could exploit this vulnerability by sending multiple OTP request through vulnerable API endpoint which could lead to the OTP bombing/flooding on the targeted system.
Vendor
-
Product
-
CWE
CWE-799
Yayın Tarihi
2025-03-13 12:15:14
Güncelleme
2025-03-13 12:15:14
Source Identifier
vdisclose@cert-in.org.in
KEV Date Added
-

Kategoriler

CWE-799 HIGH 2025

Referanslar

https://www.cert-in.org.in/s2cMainServlet?pageid=PUBVLNOTES01&VLCODE=CIVN-2025-0048