{"vulnerability": "cve-2020-24683", "sightings": [{"uuid": "20684904-fe0c-4afc-9def-599b595428fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-24683", "type": "seen", "source": "https://t.me/cibsecurity/21200", "content": "\u203c CVE-2020-24683 \u203c\n\nThe affected versions of S+ Operations (version 2.1 SP1 and earlier) used an approach for user authentication which relies on validation at the client node (client-side authentication). This is not as secure as having the server validate a client application before allowing a connection. Therefore, if the network communication or endpoints for these applications are not protected, unauthorized actors can bypass authentication and make unauthorized connections to the server application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-23T00:54:04.000000Z"}]}