Cafeplus
Monthly
Missing authentication in AKIN Software's CafePlus versions 12.05.03 through 12.05.04 allows adjacent-network attackers to access privileged functionality without credentials. The flaw enables full compromise of confidentiality, integrity, and availability over an adjacent network vector, with no public exploit identified at time of analysis. Reported by Turkey's national CERT (TR-CERT), the issue stems from critical functions lacking proper ACL enforcement.
Missing authentication in AKIN Software's CafePlus versions 12.05.03 through 12.05.04 allows adjacent-network attackers to access privileged functionality without credentials. The flaw enables full compromise of confidentiality, integrity, and availability over an adjacent network vector, with no public exploit identified at time of analysis. Reported by Turkey's national CERT (TR-CERT), the issue stems from critical functions lacking proper ACL enforcement.