ByteOS Network

CVE Vulnerability Details :

CVE-2024-12137

PUBLISHED

More Info Official Page

Assigner-TR-CERT

Assigner Org ID-ca940d4e-fea4-4aa2-9a58-591a58b1ce21

Published At-19 Mar, 2025 | 08:32

Updated At-27 Jun, 2025 | 11:30

▼CVE Numbering Authority (CNA)

Authentication Bypass in Elfatek Elektronics' ANKA JPD-00028

Authentication Bypass by Capture-replay vulnerability in Elfatek Elektronics ANKA JPD-00028 allows Session Hijacking.This issue affects ANKA JPD-00028: before V.01.01.

Affected Products

Vendor

Elfatek Elektronics

Product

ANKA JPD-00028

Default Status

affected

Versions

Affected

From 0 before V.01.01 (custom)

Problem Types

Type	CWE ID	Description
CWE	CWE-294	CWE-294 Authentication Bypass by Capture-replay

Metrics

Version	Base score	Base severity	Vector
3.1	7.6	HIGH	CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H

Impacts

CAPEC ID	Description
CAPEC-593	CAPEC-593 Session Hijacking

Credits

finder

Aleksey USANOV

sponsor

Positive Technologies

References

Hyperlink	Resource
https://www.usom.gov.tr/bildirim/tr-25-0071	N/A

▼Authorized Data Publishers (ADP)

CISA ADP Vulnrichment

Affected Products

Affected

Problem Types

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References

Affected Products

Metrics

Metrics Other Info

Impacts

Solutions

Configurations

Workarounds

Exploits

Credits

Timeline

Replaced By

Rejected Reason

References