CVE-2024-45919 is a security vulnerability identified in Solvait version 24.4.2 that allows an attacker to elevate privileges by exploiting insufficient authorization controls. Specifically, the vulnerability exists in the /AssignToMe/SetAction endpoint, where the Request ID and Action Type parameters can be manipulated to bypass established approval workflows. This bypass enables attackers to perform actions typically restricted to authorized users, such as approving requests fraudulently or accessing sensitive information. The root cause is a failure to properly validate user permissions before processing these parameters, classified under CWE-269 (Improper Privilege Management). The vulnerability is remotely exploitable over the network without requiring authentication or user interaction, as indicated by the CVSS vector (AV:N/AC:L/PR:N/UI:N). The CVSS base score of 6.5 reflects a medium severity level, with impacts on confidentiality and integrity but no direct availability impact. Although no public exploits have been reported yet, the ease of exploitation and the critical nature of approval workflows make this a significant concern for organizations relying on Solvait for sensitive operations. The lack of available patches at the time of disclosure necessitates immediate attention to alternative mitigation strategies.

The vulnerability allows attackers to bypass approval workflows, which can lead to unauthorized disclosure of sensitive information and approval of fraudulent or malicious requests. This compromises the confidentiality and integrity of organizational data and processes. For organizations, this could result in financial losses, regulatory non-compliance, reputational damage, and operational disruptions. Since the exploit requires no authentication and can be performed remotely, the attack surface is broad, increasing the likelihood of exploitation. Critical business functions relying on Solvait’s approval mechanisms, such as financial transactions, access provisioning, or compliance workflows, are particularly at risk. The absence of known exploits currently limits immediate widespread impact, but the potential for targeted attacks against high-value organizations remains significant.

1. Immediately review and restrict access to the /AssignToMe/SetAction endpoint through network segmentation or firewall rules to limit exposure. 2. Implement strict input validation and authorization checks on Request ID and Action Type parameters to ensure only authorized users can perform actions. 3. Monitor logs for unusual activity related to approval workflows, especially unexpected parameter values or repeated requests. 4. Employ multi-factor authentication and role-based access control to reduce the risk of unauthorized privilege escalation. 5. Engage with Solvait vendor support for patches or official remediation guidance and apply updates as soon as they become available. 6. Conduct internal audits of approval workflows to detect and remediate any fraudulent approvals that may have occurred. 7. Consider deploying Web Application Firewalls (WAFs) with custom rules to detect and block attempts to manipulate these parameters. 8. Educate users and administrators about the risk and signs of exploitation to enhance detection and response capabilities.