Vulnerabilities > Fiware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-12 | CVE-2024-42164 | Use of Insufficiently Random Values vulnerability in Fiware Keyrock Insufficiently random values for generating password reset token in FIWARE Keyrock <= 8.4 allow attackers to disable two factor authorization of any user by predicting the token for the disable_2fa link. | 4.3 |
| 2024-08-12 | CVE-2024-42165 | Use of Insufficiently Random Values vulnerability in Fiware Keyrock Insufficiently random values for generating activation token in FIWARE Keyrock <= 8.4 allow attackers to activate accounts of any user by predicting the token for the activation link. | 5.4 |