CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
17.7%
RapidIdentity LTS through 2023.0.2 and Cloud through 2024.08.0 improperly restricts excessive authentication attempts and allows a remote attacker to cause a denial of service via the username parameters.
Vendor | Product | Version | CPE |
---|---|---|---|
identityautomation | rapididentity | * | cpe:2.3:a:identityautomation:rapididentity:*:*:*:*:lts:*:*:* |
identityautomation | rapididentity | * | cpe:2.3:a:identityautomation:rapididentity:*:*:*:*:cloud:*:*:* |