A vulnerability, which was classified as problematic, was found in IceWhaleTech ZimaOS up to 1.2.4. This affects an unknown part of the file /v1/users/login of the component API Endpoint. The manipulation leads to information exposure through discrepancy.
This vulnerability is uniquely identified as CVE-2024-49358. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.