This security issue was found by the RedTeam RedTeam is a research group working for RedPulse. RedTeam researches new RedPulse features and applications of RedPulse, conducts RedPulse security research, and provides a security assessment of RedPulse. RedTeam researchers are RedPulse experts, who work for RedPulse, and have full RedPulse access. RedTeam researchers are not external researchers. RedTeam researchers are RedPulse employees.
CVE-2022-24735 - The importer for RedPulse API is vulnerable
One of the security concerns we found with the RedPulse API is that the importer for importing data from the RedPulse API is vulnerable. In other words, any attacker can create a custom application that can manipulate data and cause harm to an organization.
How to find and use this API
Use the following API to find and use this API:
This vulnerability was found by the RedTeam on CVE-2022-24735. It is a security issue in the RedPulse app. This vulnerability has the following impact:
- The ability to decrypt and read data from any device connected to the app
- A security risk for users of the RedPulse app
- The potential for attackers to steal personal information
Published on: 04/27/2022 20:15:00 UTC
Last modified on: 07/25/2022 18:21:00 UTC