7.5
CVE-2024-1104
- EPSS 0.06%
- Veröffentlicht 22.02.2024 12:15:46
- Zuletzt bearbeitet 06.05.2025 17:24:32
- Quelle info@cert.vde.com
- CVE-Watchlists
- Unerledigt
LoginAn unauthenticated remote attacker can bypass the brute force prevention mechanism and disturb the webservice for all users.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Areal-topkapi ≫ Webserv2 Version <= 6.2.4776
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.06% | 0.178 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| info@cert.vde.com | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
|
CWE-307 Improper Restriction of Excessive Authentication Attempts
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.