5 matches found
CVE-2022-2321
Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. This results in login brute-force attacks...
CVE-2022-2321 Improper Restriction of Excessive Authentication Attempts in heroiclabs/nakama
Improper Restriction of Excessive Authentication Attempts in GitHub repository heroiclabs/nakama prior to 3.13.0. This results in login brute-force attacks...
CVE-2022-2321
CVE-2022-2321 affects the Nakama console (heroiclabs/nakama). The vulnerability arises from an improper restriction of excessive authentication attempts, enabling brute-force login attempts on the console. The affected condition is stated as Nakama prior to version 3.13.0. The available sources cons...
CVE-2022-2306 Insufficient Session Expiration in heroiclabs/nakama
Old session tokens can be used to authenticate to the application and send authenticated requests...
Improper Privilege Management in heroiclabs/nakama
Description: A predefined View Only user has access to the User Management function at the :7351//users endpoint. By default this is a predefined system administrator function, and no other users should be able to access this function. Proof of Concept: - Create a View-only user with the...