Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:21 a.m.4 views

CVE-2021-41171

eLabFTW is an open source electronic lab notebook manager for research teams. In versions of eLabFTW before 4.1.0, it allows attackers to bypass a brute-force protection mechanism by using many different forged PHPSESSID values in HTTP Cookie header. This issue has been addressed by implementing...

8.8CVSS6.7AI score0.01883EPSS
Exploits1References1
Circl
Circl
added 2021/10/22 10:39 p.m.9 views

CVE-2021-41171

creationtimestamp| type| source ---|---|--- 2021-10-22 22:39:24+00:00| seen| https://t.me/cibsecurity/31057...

8.8CVSS8.2AI score0.01883EPSS
Exploits1References1
CVE
CVE
added 2021/10/22 6:55 p.m.58 views

CVE-2021-41171

CVE-2021-41171 affects eLabFTW prior to 4.1.0. The issue allows bypassing brute-force protection by using forged PHPSESSID values in the HTTP Cookie header, enabling login bypass as described in multiple sources. Remediation is to upgrade to version 4.1.0 (upstream rate limiting is a valid option...

8.8CVSS7.2AI score0.01883EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2021/10/22 6:55 p.m.24 views

CVE-2021-41171 Bypass bruteforce protection on login form in elabftw

eLabFTW is an open source electronic lab notebook manager for research teams. In versions of eLabFTW before 4.1.0, it allows attackers to bypass a brute-force protection mechanism by using many different forged PHPSESSID values in HTTP Cookie header. This issue has been addressed by implementing...

5.9CVSS8.9AI score0.01883EPSS
Exploits1References5
Rows per page
Query Builder