6 matches found
CVE-2023-29005
creationtimestamp| type| source ---|---|--- 2023-04-11 00:22:49+00:00| seen| https://t.me/cibsecurity/61801...
CVE-2023-29005 No Rate Limiting on Login AUTH DB
Flask-AppBuilder versions before 4.3.0 lack rate limiting which can allow an attacker to brute-force user credentials. Version 4.3.0 includes the ability to enable rate limiting using AUTHRATELIMITED = True, RATELIMITENABLED = True, and setting an AUTHRATELIMIT...
CVE-2023-29005
Affected software: Flask-AppBuilder before 4.3.0. Root cause: lack of rate limiting on login allows brute-forcing credentials. Mitigation: upgrade to Flask-AppBuilder 4.3.0 or later; in 4.3.0+, enable rate limiting via AUTH_RATE_LIMITED = True, RATELIMIT_ENABLED = True, and set AUTH_RATE_LIMIT. S...
CVE-2023-29005
Removed by vendor...
CVE-2023-29005 No Rate Limiting on Login AUTH DB
Flask-AppBuilder versions before 4.3.0 lack rate limiting which can allow an attacker to brute-force user credentials. Version 4.3.0 includes the ability to enable rate limiting using AUTHRATELIMITED = True, RATELIMITENABLED = True, and setting an AUTHRATELIMIT...
CVE-2023-29005 No Rate Limiting on Login AUTH DB
Flask-AppBuilder versions before 4.3.0 lack rate limiting which can allow an attacker to brute-force user credentials. Version 4.3.0 includes the ability to enable rate limiting using AUTHRATELIMITED = True, RATELIMITENABLED = True, and setting an AUTHRATELIMIT...