Lucene search
HistoryJul 19, 2023 - 10:15 p.m.
CVE-2023-32657
weintek weincloud
vulnerability
credential
brute force
attack
authentication
error message
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.1%
Weintek Weincloud v0.13.6
could allow an attacker to efficiently develop a brute force attack on credentials with authentication hints from error message responses.
Affected configurations
Node
weintekweincloudMatch0.13.6
Related
prion
prion
Authentication flaw
2023-07-19 22:15:00
cve
cve
CVE-2023-32657
2023-07-19 22:15:10
cvelist
cvelist
ics
ics
βWeintek Weincloud
2023-07-18 12:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.5 Medium
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
40.1%
Related for NVD:CVE-2023-32657