Lucene search

GHSA-24Q2-59HM-RH9R Strapi Improper Rate Limiting vulnerability

🗓️ 13 Sep 2023 16:26:32Reported by GoogleType

osv🔗 osv.dev👁 14 Views

Strapi Improper Rate Limiting vulnerability allows bypassing login function. Impact: unauthorized login via brute force attack may occur. Measures: enforce request path case conversion, remove extra slashes

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
OSV	CVE-2023-38507	15 Sep 202320:15	–	osv
Prion	Design/Logic Flaw	15 Sep 202320:15	–	prion
Veracode	Improper Rate Limiting	15 Sep 202308:58	–	veracode
NVD	CVE-2023-38507	15 Sep 202320:15	–	nvd
CVE	CVE-2023-38507	15 Sep 202320:15	–	cve
Github Security Blog	Strapi Improper Rate Limiting vulnerability	13 Sep 202316:32	–	github
Cvelist	CVE-2023-38507 Strapi Improper Rate Limiting vulnerability	15 Sep 202319:15	–	cvelist
Vulnrichment	CVE-2023-38507 Strapi Improper Rate Limiting vulnerability	15 Sep 202319:15	–	vulnrichment

Source	Link
github	www.github.com/strapi/strapi/security/advisories/GHSA-24q2-59hm-rh9r
nvd	www.nvd.nist.gov/vuln/detail/CVE-2023-38507
github	www.github.com/strapi/strapi
github	www.github.com/strapi/strapi/blob/32d68f1f5677ed9a9a505b718c182c0a3f885426/packages/core/admin/server/middlewares/rateLimit.js
github	www.github.com/strapi/strapi/releases/tag/v4.12.1

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Sep 2023 16:32Current

8.3High risk

Vulners AI Score8.3

CVSS37.3 - 9.8

EPSS0.00255

SSVC