Lucene search
GoogleOSV:GHSA-MP5P-G2JV-R8QWHistorySep 14, 2022 - 12:00 a.m.
rdiffweb 2.4.1 contains Weak Password Requirements
2022-09-1400:00:43
Google
osv.dev
10
rdiffweb
version 2.4.1
password policy
password checking
brute force
vulnerability
version 2.4.2
minimum password length
maximum password length
software
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.7
Confidence
High
EPSS
0.001
Percentile
41.1%
rdiffweb version 2.4.1 has no password policy or password checking, which could make users vulnerable to brute force password guessing attacks. Version 2.4.2 enforces minimum and maximum password lengths.
Related
prion
prion
Default credentials
2022-09-13 17:15:00
veracode
veracode
Weak Password Requirements
2022-09-14 05:52:54
cvelist
cvelist
CVE-2022-3179 Weak Password Requirements in ikus060/rdiffweb
2022-09-13 16:35:09
cve
cve
CVE-2022-3179
2022-09-13 17:15:08
github
github
rdiffweb 2.4.1 contains Weak Password Requirements
2022-09-14 00:00:43
huntr
huntr
Password can be set extremely weak
2022-09-09 08:02:42
osv
osv
PYSEC-2022-272
2022-09-13 17:15:00
CVE-2022-3179
2022-09-13 17:15:08
nvd
nvd
CVE-2022-3179
2022-09-13 17:15:08
fedora
fedora
[SECURITY] Fedora 36 Update: python-bottle-0.12.21-2.fc36
2022-06-22 00:48:23
nessus
nessus
Amazon Linux 2022 : (ALAS2022-2022-205)
2022-11-04 00:00:00
Amazon Linux 2023 : python3-bottle (ALAS2023-2023-082)
2023-03-21 00:00:00
openvas
openvas
Fedora: Security Advisory for python-bottle (FEDORA-2022-cc9a173168)
2022-06-22 00:00:00
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.7
Confidence
High
EPSS
0.001
Percentile
41.1%
Related for OSV:GHSA-MP5P-G2JV-R8QW