9.8
CVE-2023-37635
- EPSS 1.15%
- Veröffentlicht 23.10.2023 21:15:08
- Zuletzt bearbeitet 21.11.2024 08:12:03
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginUVDesk Community Skeleton v1.1.1 allows unauthenticated attackers to perform brute force attacks on the login page to gain access to the application.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Uvdesk ≫ Community-skeleton Version1.1.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.15% | 0.628 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
CWE-307 Improper Restriction of Excessive Authentication Attempts
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
https://www.esecforte.com/cve-2023-37635-login-bruteforce/