3 matches found
CVE-2020-15367
Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a brute-force authentication attack against the Login page...
CVE-2020-15367
Venki Supravizio BPM 10.1.2 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a brute-force authentication attack against the Login page...
CVE-2020-15367
CVE-2020-15367 affects Venki Supravizio BPM 10.1.2 and stems from not limiting authentication attempts on the Login page. This unbounded brute-force risk is evidenced by multiple sources noting an unauthenticated attacker could repeatedly attempt logins. The publicly available materials describe ...