4 matches found
CVE-2024-55008
JATOS 3.9.4 contains a denial-of-service DoS vulnerability in the authentication system, where an attacker can prevent legitimate users from accessing their accounts by repeatedly sending multiple failed login attempts. Specifically, by submitting 3 incorrect login attempts every minute, the...
CVE-2024-55008
CVE-2024-55008 concerns JATOS 3.9.4, where an authentication DoS can lock out user accounts. The document set confirms the vulnerability arises from the login flow: submitting 3 incorrect login attempts per minute can trigger an account-level lockout, affecting any user regardless of privileges, ...
CVE-2024-55008
JATOS 3.9.4 contains a denial-of-service DoS vulnerability in the authentication system, where an attacker can prevent legitimate users from accessing their accounts by repeatedly sending multiple failed login attempts. Specifically, by submitting 3 incorrect login attempts every minute, the...
CVE-2024-55008
JATOS 3.9.4 contains a denial-of-service DoS vulnerability in the authentication system, where an attacker can prevent legitimate users from accessing their accounts by repeatedly sending multiple failed login attempts. Specifically, by submitting 3 incorrect login attempts every minute, the...