2 matches found
CVE-2019-18985
Pimcore before 6.2.2 lacks brute force protection for the 2FA token...
CVE-2019-18985
CVE-2019-18985 affects Pimcore prior to version 6.2.2, where there is no brute-force protection for the 2FA token. The vulnerability arises from missing rate-limiting on 2FA attempts, enabling offline-like or automated brute force toward 2FA tokens, potentially allowing account compromise. The CV...