Lucene search

K
cve[email protected]CVE-2022-37772
HistoryNov 23, 2022 - 2:15 a.m.

CVE-2022-37772

2022-11-2302:15:09
CWE-307
web.nvd.nist.gov
26
4
maarch rm
authentication
vulnerability
nvd
cve-2022-37772

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.003 Low

EPSS

Percentile

70.3%

Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts.

Affected configurations

NVD
Node
maarchmaarch_rmRange2.82.8.6
OR
maarchmaarch_rmMatch2.9

Social References

More

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.003 Low

EPSS

Percentile

70.3%

Related for CVE-2022-37772