Lucene search
K

6 matches found

NVD
NVD
added 2026/06/30 2:16 p.m.11 views

CVE-2026-35098

KTM System e-BOK does not implement any limit or timeout on consecutive login attempts, allowing an attacker to perform unlimited authentication requests. This lack of rate‑limiting enables efficient brute‑force attacks against user accounts. When combined with vulnerability CVE-2026-35097, where...

6.9CVSS0.00323EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/30 1:37 p.m.8 views

EUVD-2026-40325

KTM System e-BOK does not implement any limit or timeout on consecutive login attempts, allowing an attacker to perform unlimited authentication requests. This lack of rate‑limiting enables efficient brute‑force attacks against user accounts. When combined with vulnerability CVE-2026-35097, where...

6.9CVSS5.8AI score0.00323EPSS
Exploits0References2
CVE
CVE
added 2026/06/30 1:37 p.m.11 views

CVE-2026-35097

The CVE affects KTM System e-BOK, where the password policy allows only numeric passwords up to six digits. Root cause is a restricted character set and short max length, resulting in weak credential requirements. The issue has been addressed by a patch published in June 2026. Remediation recomme...

6.9CVSS5.8AI score0.00249EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/30 1:37 p.m.8 views

CVE-2026-35098

KTM System e-BOK does not implement any limit or timeout on consecutive login attempts, allowing an attacker to perform unlimited authentication requests. This lack of rate‑limiting enables efficient brute‑force attacks against user accounts. When combined with vulnerability CVE-2026-35097, where...

6.9CVSS5.8AI score0.00323EPSS
Exploits0References3
CVE
CVE
added 2026/06/30 1:37 p.m.14 views

CVE-2026-35098

KTM System e-BOK is affected by CVE-2026-35098 due to no rate limiting on login attempts, enabling brute-force attacks for user accounts. When paired with CVE-2026-35097 (six-digit numeric passwords), the risk increases. A patch was released in June 2026 to fix this issue. The CVSS metrics from C...

6.9CVSS5.8AI score0.00323EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/30 1:37 p.m.8 views

CVE-2026-35097 Weak Password Requirements in KTM System e-BOK

KTM System e-BOK enforces a maximum password length of six numeric digits and does not permit the use of any alphabetic, special, or extended characters. This issue was fixed in the patch published in June 2026...

6.9CVSS5.8AI score0.00249EPSS
Exploits0References2
Rows per page
Query Builder