Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2021-32543
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
SysJust CTS Web - Broken Authentication
Source: NVD (National Vulnerability Database)
Vulnerability Description
The CTS Web transaction system related to authentication management is implemented incorrectly. After login, remote attackers can manipulate cookies to access other accounts and trade in the stock market with spoofed identity.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
认证机制不恰当
Source: NVD (National Vulnerability Database)
Vulnerability Title
嘉实资讯 CTS Web transaction system 授权问题漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
嘉实资讯 CTS Web transaction system是台湾嘉实资讯公司的一款CTS Web 交易系統。 CTS Web transaction system 存在授权问题漏洞,该漏洞源于事务系统的认证相关的功能实现不正确。远程攻击者可利用该漏洞在登陆后操纵cookie访问其他账户,并以欺骗身份在股市交易。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
VendorProductAffected VersionsCPESubscribe
SysJustCTS Web unspecified ~ released 2021.3.25 -
II. Public POCs for CVE-2021-32543
#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC
III. Intelligence Information for CVE-2021-32543
Please Login to view more intelligence information
IV. Related Vulnerabilities
Same product: CTS Web
Same vendor: SysJust
Same weakness: CWE-287
V. Comments for CVE-2021-32543

No comments yet

Leave a comment