Meon KYC Solutions Improper Token Handling Vulnerability Allowing Unauthorized Access

Vulnerability

A vulnerability has been identified in Meon KYC Solutions, stemming from improper management of access and refresh tokens in specific API authentication endpoints. This flaw enables remote attackers to intercept and manipulate responses, potentially leading to unauthorized access to other users' accounts.

Impact

Exploitation of this vulnerability could result in unauthorized access to user accounts, allowing attackers to impersonate users and access their sensitive information.

Remediation

Users are advised to upgrade Meon KYC Solutions to version 1.2. For Bidding Solutions, version 1.3 is recommended.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 5.0
exploitability: 6.0
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.