Lucene search
Veracode Vulnerability DatabaseVERACODE:40982HistoryJun 22, 2023 - 7:21 a.m.
Brute Force Attack
2023-06-2207:21:46
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
12
froxlor
vulnerability
brute force
2fa
unauthorized actions
software
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
56.6%
froxlor/froxlor is vulnerable to Brute Force Attacks. The vulnerability exists because it does not limit 2FA attempts, which allows an attacker to brute force the user credentials and perform unauthorized actions.
| CPE | Name | Operator | Version |
|---|---|---|---|
| froxlor/froxlor | le | 2.0.19 | |
| froxlor/froxlor | le | 2.0.19 |
Related
huntr
huntr
2FA Bypass by Brute Force
2023-03-15 22:18:44
github
github
cvelist
cvelist
nvd
nvd
CVE-2023-3173
2023-06-09 02:15:09
osv
osv
CVE-2023-3173
2023-06-09 02:15:09
cve
cve
CVE-2023-3173
2023-06-09 02:15:09
prion
prion
Input validation
2023-06-09 02:15:00
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.002 Low
EPSS
Percentile
56.6%
Related for VERACODE:40982