Primary

Context

Meon Bidding Solutions Improper Access Control Vulnerability Allowing Unauthorized Data Manipulation

Vulnerability

An improper access control vulnerability has been identified in Meon Bidding Solutions version 1.2. This vulnerability arises from inadequate authorization controls on specific API endpoints related to the initiation, modification, or cancellation of operations. An authenticated remote attacker could exploit this issue by manipulating parameters in the API request body, gaining unauthorized access to other user accounts. Successful exploitation would enable the attacker to perform authorized data manipulation on behalf of the accessed user accounts.

Impact

Exploitation of this vulnerability could result in unauthorized access to user accounts, allowing for unauthorized manipulation of data associated with those accounts.

Remediation

Users are advised to upgrade Meon Bidding Solutions to version 1.3.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

5.2

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Meon Bidding Solutions Improper Access Control Vulnerability Allowing Unauthorized Data Manipulation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating