CWE-307
Improper Restriction of Excessive Authentication Attempts
The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
CVE-2024-11126 (GCVE-0-2024-11126)
Vulnerability from cvelistv5 – Published: 2024-11-12 14:31 – Updated: 2024-11-12 20:13
| URL | Tags |
|---|---|
| https://vuldb.com/?id.283974 | vdb-entry |
| https://vuldb.com/?ctiid.283974 | signature, permissions-required |
| https://vuldb.com/?submit.437096 | third-party-advisory |
| Vendor | Product | Version |
|---|---|---|
| Digistar | AG-30 Plus | Affected: 2.6b |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11126",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-12T15:44:06.971579Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T20:13:26.812Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"modules": [
"Login Page"
],
"product": "AG-30 Plus",
"vendor": "Digistar",
"versions": [
{
"status": "affected",
"version": "2.6b"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "W0t4n (VulDB User)"
}
],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in Digistar AG-30 Plus 2.6b. It has been classified as problematic. Affected is an unknown function of the component Login Page. The manipulation leads to improper restriction of excessive authentication attempts. The complexity of an attack is rather high. The exploitability is told to be difficult. The vendor was contacted early about this disclosure but did not respond in any way."
},
{
"lang": "de",
"value": "Es wurde eine problematische Schwachstelle in Digistar AG-30 Plus 2.6b ausgemacht. Betroffen hiervon ist ein unbekannter Ablauf der Komponente Login Page. Durch das Beeinflussen mit unbekannten Daten kann eine improper restriction of excessive authentication attempts-Schwachstelle ausgenutzt werden. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig auszunutzen."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 2.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:4.0/AV:A/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0"
}
},
{
"cvssV3_1": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
},
{
"cvssV3_0": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
}
},
{
"cvssV2_0": {
"baseScore": 1.8,
"vectorString": "AV:A/AC:H/Au:N/C:P/I:N/A:N",
"version": "2.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-799",
"description": "Improper Control of Interaction Frequency",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-12T14:31:06.409Z",
"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"shortName": "VulDB"
},
"references": [
{
"name": "VDB-283974 | Digistar AG-30 Plus Login Page excessive authentication",
"tags": [
"vdb-entry"
],
"url": "https://vuldb.com/?id.283974"
},
{
"name": "VDB-283974 | CTI Indicators (IOB, IOC, TTP)",
"tags": [
"signature",
"permissions-required"
],
"url": "https://vuldb.com/?ctiid.283974"
},
{
"name": "Submit #437096 | Digistar AG-30 Plus 2.6b Improper Restriction of Excessive Authentication Attempts",
"tags": [
"third-party-advisory"
],
"url": "https://vuldb.com/?submit.437096"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-11-12T00:00:00.000Z",
"value": "Advisory disclosed"
},
{
"lang": "en",
"time": "2024-11-12T01:00:00.000Z",
"value": "VulDB entry created"
},
{
"lang": "en",
"time": "2024-11-12T08:12:05.000Z",
"value": "VulDB entry last update"
}
],
"title": "Digistar AG-30 Plus Login Page excessive authentication"
}
},
"cveMetadata": {
"assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
"assignerShortName": "VulDB",
"cveId": "CVE-2024-11126",
"datePublished": "2024-11-12T14:31:06.409Z",
"dateReserved": "2024-11-12T07:06:57.964Z",
"dateUpdated": "2024-11-12T20:13:26.812Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-12039 (GCVE-0-2024-12039)
Vulnerability from cvelistv5 – Published: 2025-03-20 10:09 – Updated: 2025-03-20 18:37
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
| Vendor | Product | Version |
|---|---|---|
| langgenius | langgenius/dify | Affected: unspecified, ≤ latest (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-12039",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-20T17:50:26.815817Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T18:37:39.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "langgenius/dify",
"vendor": "langgenius",
"versions": [
{
"lessThanOrEqual": "latest",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "langgenius/dify version v0.10.1 contains a vulnerability where there are no limits applied to the number of code guess attempts for password reset. This allows an unauthenticated attacker to reset owner, admin, or other user passwords within a few hours by guessing the six-digit code, resulting in a complete compromise of the application."
}
],
"metrics": [
{
"cvssV3_0": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-20T10:09:33.467Z",
"orgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"shortName": "@huntr_ai"
},
"references": [
{
"url": "https://huntr.com/bounties/61af30d5-6055-4c6c-8a55-3fa43dada512"
}
],
"source": {
"advisory": "61af30d5-6055-4c6c-8a55-3fa43dada512",
"discovery": "EXTERNAL"
},
"title": "Improper Restriction of Excessive Authentication Attempts in langgenius/dify"
}
},
"cveMetadata": {
"assignerOrgId": "c09c270a-b464-47c1-9133-acb35b22c19a",
"assignerShortName": "@huntr_ai",
"cveId": "CVE-2024-12039",
"datePublished": "2025-03-20T10:09:33.467Z",
"dateReserved": "2024-12-02T17:04:27.890Z",
"dateUpdated": "2025-03-20T18:37:39.974Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-2051 (GCVE-0-2024-2051)
Vulnerability from cvelistv5 – Published: 2024-03-18 16:03 – Updated: 2024-08-28 15:04
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
| Vendor | Product | Version | CPE |
|---|---|---|---|
| Schneider Electric | Easergy T200 (Modbus) Models: T200I, T200E, T200P, T200S, T200H | Affected: SC2-04MOD-07000104, ≤ prior (custom) | |
| Schneider Electric | Easergy T200 (IEC104) Models: T200I, T200E, T200P, T200S, T200H | Affected: SC2-04IEC-07000104, ≤ prior (custom) | |
| Schneider Electric | Easergy T200 (DNP3) Models: T200I, T200E, T200P, T200S, T200H | Affected: SC2-04DNP-07000104, ≤ prior (custom) | |
| schneider_electric | easergy_t200i_firmware | Affected: 0, < sc2-04mod-07000104 (custom) | cpe:2.3:o:schneider_electric:easergy_t200i_firmware:*:*:*:*:*:*:*:* |
| schneider_electric | easergy_t200e_firmware | Affected: 0, < sc2-04mod-07000104 (custom) | cpe:2.3:o:schneider_electric:easergy_t200e_firmware:*:*:*:*:*:*:*:* |
| schneider_electric | easergy_t200p_firmware | Affected: 0, < sc2-04mod-07000104 (custom) | cpe:2.3:o:schneider_electric:easergy_t200p_firmware:*:*:*:*:*:*:*:* |
| schneider_electric | easergy_t200s_firmware | Affected: 0, < sc2-04mod-07000104 (custom) | cpe:2.3:o:schneider_electric:easergy_t200s_firmware:*:*:*:*:*:*:*:* |
| schneider_electric | easergy_t200h_firmware | Affected: 0, < sc2-04mod-07000104 (custom) | cpe:2.3:o:schneider_electric:easergy_t200h_firmware:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:03:37.846Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-072-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-072-01.pdf"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:o:schneider_electric:easergy_t200i_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "easergy_t200i_firmware",
"vendor": "schneider_electric",
"versions": [
{
"lessThan": "sc2-04mod-07000104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:schneider_electric:easergy_t200e_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "easergy_t200e_firmware",
"vendor": "schneider_electric",
"versions": [
{
"lessThan": "sc2-04mod-07000104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:schneider_electric:easergy_t200p_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "easergy_t200p_firmware",
"vendor": "schneider_electric",
"versions": [
{
"lessThan": "sc2-04mod-07000104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:schneider_electric:easergy_t200s_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "easergy_t200s_firmware",
"vendor": "schneider_electric",
"versions": [
{
"lessThan": "sc2-04mod-07000104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:o:schneider_electric:easergy_t200h_firmware:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "easergy_t200h_firmware",
"vendor": "schneider_electric",
"versions": [
{
"lessThan": "sc2-04mod-07000104",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2051",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-18T19:50:38.913590Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T15:04:28.061Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Easergy T200 (Modbus) Models: T200I, T200E, T200P, T200S, T200H ",
"vendor": "Schneider Electric",
"versions": [
{
"lessThanOrEqual": "prior",
"status": "affected",
"version": "SC2-04MOD-07000104",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Easergy T200 (IEC104) Models: T200I, T200E, T200P, T200S, T200H",
"vendor": "Schneider Electric ",
"versions": [
{
"lessThanOrEqual": "prior",
"status": "affected",
"version": "SC2-04IEC-07000104",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Easergy T200 (DNP3) Models: T200I, T200E, T200P, T200S, T200H",
"vendor": "Schneider Electric ",
"versions": [
{
"lessThanOrEqual": "prior",
"status": "affected",
"version": "SC2-04DNP-07000104",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\nCWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that\ncould cause account takeover and unauthorized access to the system when an attacker\nconducts brute-force attacks against the login form.\n\n"
}
],
"value": "\nCWE-307: Improper Restriction of Excessive Authentication Attempts vulnerability exists that\ncould cause account takeover and unauthorized access to the system when an attacker\nconducts brute-force attacks against the login form.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-18T16:03:44.987Z",
"orgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"shortName": "schneider"
},
"references": [
{
"url": "https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2024-072-01\u0026p_enDocType=Security+and+Safety+Notice\u0026p_File_Name=SEVD-2024-072-01.pdf"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "076d1eb6-cfab-4401-b34d-6dfc2a413bdb",
"assignerShortName": "schneider",
"cveId": "CVE-2024-2051",
"datePublished": "2024-03-18T16:03:44.987Z",
"dateReserved": "2024-03-01T01:25:46.121Z",
"dateUpdated": "2024-08-28T15:04:28.061Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21652 (GCVE-0-2024-21652)
Vulnerability from cvelistv5 – Published: 2024-03-18 17:14 – Updated: 2024-08-01 22:27
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
| URL | Tags |
|---|---|
| https://github.com/argoproj/argo-cd/security/advi… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:argoproj:argo-cd:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "argo-cd",
"vendor": "argoproj",
"versions": [
{
"lessThan": "2.8.13",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"lessThan": "2.9.9",
"status": "affected",
"version": "2.9.0",
"versionType": "custom"
},
{
"lessThan": "2.10.4",
"status": "affected",
"version": "2.10.0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21652",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-07T15:52:24.341044Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-07T15:52:27.549Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.044Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-x32m-mvfj-52xv",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-x32m-mvfj-52xv"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "argo-cd",
"vendor": "argoproj",
"versions": [
{
"status": "affected",
"version": "\u003c 2.8.13"
},
{
"status": "affected",
"version": "\u003e= 2.9.0, \u003c 2.9.9"
},
{
"status": "affected",
"version": "\u003e= 2.10.0, \u003c 2.10.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can exploit a chain of vulnerabilities, including a Denial of Service (DoS) flaw and in-memory data storage weakness, to effectively bypass the application\u0027s brute force login protection. This is a critical security vulnerability that allows attackers to bypass the brute force login protection mechanism. Not only can they crash the service affecting all users, but they can also make unlimited login attempts, increasing the risk of account compromise. Versions 2.8.13, 2.9.9, and 2.10.4 contain a patch for this issue.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-18T17:14:02.995Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-x32m-mvfj-52xv",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-x32m-mvfj-52xv"
}
],
"source": {
"advisory": "GHSA-x32m-mvfj-52xv",
"discovery": "UNKNOWN"
},
"title": "Argo CD vulnerable to Bypassing of Brute Force Protection via Application Crash and In-Memory Data Loss"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-21652",
"datePublished": "2024-03-18T17:14:02.995Z",
"dateReserved": "2023-12-29T16:10:20.366Z",
"dateUpdated": "2024-08-01T22:27:36.044Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-21662 (GCVE-0-2024-21662)
Vulnerability from cvelistv5 – Published: 2024-03-18 18:42 – Updated: 2024-08-01 22:27
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
| URL | Tags |
|---|---|
| https://github.com/argoproj/argo-cd/security/advi… | x_refsource_CONFIRM |
| https://github.com/argoproj/argo-cd/commit/17b0df… | x_refsource_MISC |
| https://github.com/argoproj/argo-cd/commit/6e181d… | x_refsource_MISC |
| https://github.com/argoproj/argo-cd/commit/cebb65… | x_refsource_MISC |
| https://argo-cd.readthedocs.io/en/stable/security… | x_refsource_MISC |
| Vendor | Product | Version | CPE |
|---|---|---|---|
| argoproj | argo-cd | Affected: < 2.8.13; Affected: >= 2.9.0, < 2.9.9; Affected: >= 2.10.0, < 2.10.4 | |
| linuxfoundation | argo-cd | Affected: 2.9.0, < 2.9.9 (custom) | cpe:2.3:a:linuxfoundation:argo-cd:2.9.0:-:*:*:*:*:*:* |
| linuxfoundation | argo-cd | Affected: 2.10.0 | cpe:2.3:a:linuxfoundation:argo-cd:2.10.0:*:*:*:*:*:*:* |
| linuxfoundation | argo-cd | Affected: 0, < 2.8.13 (custom) | cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:linuxfoundation:argo-cd:2.9.0:-:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "argo-cd",
"vendor": "linuxfoundation",
"versions": [
{
"lessThan": "2.9.9",
"status": "affected",
"version": "2.9.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:linuxfoundation:argo-cd:2.10.0:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "argo-cd",
"vendor": "linuxfoundation",
"versions": [
{
"status": "affected",
"version": "2.10.0"
}
]
},
{
"cpes": [
"cpe:2.3:a:linuxfoundation:argo-cd:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "argo-cd",
"vendor": "linuxfoundation",
"versions": [
{
"lessThan": "2.8.13",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-21662",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-16T00:19:37.829646Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-16T00:24:27.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:27:36.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2vgg-9h6w-m454",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2vgg-9h6w-m454"
},
{
"name": "https://github.com/argoproj/argo-cd/commit/17b0df1168a4c535f6f37e95f25ed7cd81e1fa4d",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/argoproj/argo-cd/commit/17b0df1168a4c535f6f37e95f25ed7cd81e1fa4d"
},
{
"name": "https://github.com/argoproj/argo-cd/commit/6e181d72b31522f886a2afa029d5b26d7912ec7b",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/argoproj/argo-cd/commit/6e181d72b31522f886a2afa029d5b26d7912ec7b"
},
{
"name": "https://github.com/argoproj/argo-cd/commit/cebb6538f7944c87ca2fecb5d17f8baacc431456",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/argoproj/argo-cd/commit/cebb6538f7944c87ca2fecb5d17f8baacc431456"
},
{
"name": "https://argo-cd.readthedocs.io/en/stable/security_considerations/#cve-2020-8827-insufficient-anti-automationanti-brute-force",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://argo-cd.readthedocs.io/en/stable/security_considerations/#cve-2020-8827-insufficient-anti-automationanti-brute-force"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "argo-cd",
"vendor": "argoproj",
"versions": [
{
"status": "affected",
"version": "\u003c 2.8.13"
},
{
"status": "affected",
"version": "\u003e= 2.9.0, \u003c 2.9.9"
},
{
"status": "affected",
"version": "\u003e= 2.10.0, \u003c 2.10.4"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Prior to versions 2.8.13, 2.9.9, and 2.10.4, an attacker can effectively bypass the rate limit and brute force protections by exploiting the application\u0027s weak cache-based mechanism. This loophole in security can be combined with other vulnerabilities to attack the default admin account. This flaw undermines a patch for CVE-2020-8827 intended to protect against brute-force attacks. The application\u0027s brute force protection relies on a cache mechanism that tracks login attempts for each user. This cache is limited to a `defaultMaxCacheSize` of 1000 entries. An attacker can overflow this cache by bombarding it with login attempts for different users, thereby pushing out the admin account\u0027s failed attempts and effectively resetting the rate limit for that account. This is a severe vulnerability that enables attackers to perform brute force attacks at an accelerated rate, especially targeting the default admin account. Users should upgrade to version 2.8.13, 2.9.9, or 2.10.4 to receive a patch."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-18T18:42:04.701Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2vgg-9h6w-m454",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/argoproj/argo-cd/security/advisories/GHSA-2vgg-9h6w-m454"
},
{
"name": "https://github.com/argoproj/argo-cd/commit/17b0df1168a4c535f6f37e95f25ed7cd81e1fa4d",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/argoproj/argo-cd/commit/17b0df1168a4c535f6f37e95f25ed7cd81e1fa4d"
},
{
"name": "https://github.com/argoproj/argo-cd/commit/6e181d72b31522f886a2afa029d5b26d7912ec7b",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/argoproj/argo-cd/commit/6e181d72b31522f886a2afa029d5b26d7912ec7b"
},
{
"name": "https://github.com/argoproj/argo-cd/commit/cebb6538f7944c87ca2fecb5d17f8baacc431456",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/argoproj/argo-cd/commit/cebb6538f7944c87ca2fecb5d17f8baacc431456"
},
{
"name": "https://argo-cd.readthedocs.io/en/stable/security_considerations/#cve-2020-8827-insufficient-anti-automationanti-brute-force",
"tags": [
"x_refsource_MISC"
],
"url": "https://argo-cd.readthedocs.io/en/stable/security_considerations/#cve-2020-8827-insufficient-anti-automationanti-brute-force"
}
],
"source": {
"advisory": "GHSA-2vgg-9h6w-m454",
"discovery": "UNKNOWN"
},
"title": "Argo CD vulnerable to Bypassing of Rate Limit and Brute Force Protection Using Cache Overflow"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-21662",
"datePublished": "2024-03-18T18:42:04.701Z",
"dateReserved": "2023-12-29T16:10:20.367Z",
"dateUpdated": "2024-08-01T22:27:36.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22317 (GCVE-0-2024-22317)
Vulnerability from cvelistv5 – Published: 2024-01-18 13:16 – Updated: 2025-06-02 15:04
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7108661 | vendor-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | vdb-entry |
| Vendor | Product | Version |
|---|---|---|
| IBM | App Connect Enterprise | Affected: 11.0.0.1, ≤ 11.0.0.24 (semver); Affected: 12.0.1.0, ≤ 12.0.11.0 (semver) |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/7108661"
},
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279143"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22317",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:42:52.445911Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-02T15:04:02.999Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "App Connect Enterprise",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "11.0.0.24",
"status": "affected",
"version": "11.0.0.1",
"versionType": "semver"
},
{
"lessThanOrEqual": "12.0.11.0",
"status": "affected",
"version": "12.0.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper restriction of excessive authentication attempts. IBM X-Force ID: 279143."
}
],
"value": "IBM App Connect Enterprise 11.0.0.1 through 11.0.0.24 and 12.0.1.0 through 12.0.11.0 could allow a remote attacker to obtain sensitive information or cause a denial of service due to improper restriction of excessive authentication attempts. IBM X-Force ID: 279143."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-01-18T13:16:34.298Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7108661"
},
{
"tags": [
"vdb-entry"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/279143"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM App Connect Enterprise denial of service",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-22317",
"datePublished": "2024-01-18T13:16:34.298Z",
"dateReserved": "2024-01-08T23:41:52.508Z",
"dateUpdated": "2025-06-02T15:04:02.999Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-22425 (GCVE-0-2024-22425)
Vulnerability from cvelistv5 – Published: 2024-02-16 11:14 – Updated: 2024-08-29 15:55
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
| URL | Tags |
|---|---|
| https://www.dell.com/support/kbdoc/en-us/00022213… | vendor-advisory |
| https://www.dell.com/support/kbdoc/en-us/00022815… | vendor-advisory |
| Vendor | Product | Version | CPE |
|---|---|---|---|
| Dell | RecoverPoint for VMs | Affected: 5.3 SP2; 5.3 SP2 P1; 5.3 SP2 P2; 5.3 SP2 P4; 5.3 SP3 P1; 5.3 SP3 P2; 6.0.SP1 | |
| dell | recoverpoint_for_virtual_machines | Affected: 5.3SP2; 5.3SP2P1; 5.3SP2P2; 5.3SP2P4; 5.3 SP3P1; 5.3 SP3P2; 6.0.SP1 | cpe:2.3:a:dell:recoverpoint_for_virtual_machines:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T22:43:34.991Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:dell:recoverpoint_for_virtual_machines:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "recoverpoint_for_virtual_machines",
"vendor": "dell",
"versions": [
{
"status": "affected",
"version": "5.3SP2"
},
{
"status": "affected",
"version": "5.3SP2P1"
},
{
"status": "affected",
"version": "5.3SP2P2"
},
{
"status": "affected",
"version": "5.3SP2P4"
},
{
"status": "affected",
"version": "5.3 SP3P1"
},
{
"status": "affected",
"version": "5.3 SP3P2"
},
{
"status": "affected",
"version": "6.0.SP1"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-22425",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T15:51:03.777802Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T15:55:11.393Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "RecoverPoint for VMs",
"vendor": "Dell",
"versions": [
{
"status": "affected",
"version": "5.3 SP2"
},
{
"status": "affected",
"version": "5.3 SP2 P1"
},
{
"status": "affected",
"version": "5.3 SP2 P2"
},
{
"status": "affected",
"version": "5.3 SP2 P4"
},
{
"status": "affected",
"version": "5.3 SP3 P1"
},
{
"status": "affected",
"version": "5.3 SP3 P2"
},
{
"status": "affected",
"version": "6.0.SP1"
}
]
}
],
"datePublic": "2024-02-16T06:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint login form. This allows attackers to brute-force the password of valid users in an automated manner.\u003cbr\u003e"
}
],
"value": "Dell RecoverPoint for Virtual Machines 5.3.x, 6.0.SP1 contains a brute force/dictionary attack vulnerability. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to launch a brute force attack or a dictionary attack against the RecoverPoint login form. This allows attackers to brute-force the password of valid users in an automated manner."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T12:57:08.189Z",
"orgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"shortName": "dell"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000222133/dsa-2024-092-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://www.dell.com/support/kbdoc/en-us/000228154/dsa-2024-369-security-update-for-dell-recoverpoint-for-virtual-machines-multiple-vulnerabilities"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "c550e75a-17ff-4988-97f0-544cde3820fe",
"assignerShortName": "dell",
"cveId": "CVE-2024-22425",
"datePublished": "2024-02-16T11:14:47.469Z",
"dateReserved": "2024-01-10T15:23:01.337Z",
"dateUpdated": "2024-08-29T15:55:11.393Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-23106 (GCVE-0-2024-23106)
Vulnerability from cvelistv5 – Published: 2025-01-14 14:10 – Updated: 2025-02-18 21:34
- CWE-307 - Improper access control
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiClientEMS | Affected: from 7.2.0, ≤ 7.2.3 (semver); from 7.0.0, ≤ 7.0.10 (semver); from 6.4.7, ≤ 6.4.9 (semver); from 6.4.0, ≤ 6.4.4 (semver); from 6.2.6, ≤ 6.2.9 (semver); from 6.2.0, ≤ 6.2.4 (semver) | |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-23106",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-14T14:18:35.297797Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-18T21:34:28.472Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [],
"defaultStatus": "unaffected",
"product": "FortiClientEMS",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "7.2.3",
"status": "affected",
"version": "7.2.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "7.0.10",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.9",
"status": "affected",
"version": "6.4.7",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.4.4",
"status": "affected",
"version": "6.4.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.9",
"status": "affected",
"version": "6.2.6",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.2.4",
"status": "affected",
"version": "6.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An improper restriction of excessive authentication attempts [CWE-307] in FortiClientEMS version 7.2.0 through 7.2.4 and before 7.0.10 allows an unauthenticated attacker to try a brute force attack against the FortiClientEMS console via crafted HTTP or HTTPS requests."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "Improper access control",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-14T14:10:00.950Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-23-476",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-23-476"
}
],
"solutions": [
{
"lang": "en",
"value": "Please upgrade to FortiClientEMS version 7.4.0 or above \nPlease upgrade to FortiClientEMS version 7.2.5 or above \nPlease upgrade to FortiClientEMS version 7.0.11 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2024-23106",
"datePublished": "2025-01-14T14:10:00.950Z",
"dateReserved": "2024-01-11T16:29:07.978Z",
"dateUpdated": "2025-02-18T21:34:28.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-24767 (GCVE-0-2024-24767)
Vulnerability from cvelistv5 – Published: 2024-03-06 18:06 – Updated: 2024-08-28 17:53
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
| URL | Tags |
|---|---|
| https://github.com/IceWhaleTech/CasaOS-UserServic… | x_refsource_CONFIRM |
| https://github.com/IceWhaleTech/CasaOS-UserServic… | x_refsource_MISC |
| https://github.com/IceWhaleTech/CasaOS-UserServic… | x_refsource_MISC |
| Vendor | Product | Version | |
|---|---|---|---|
| IceWhaleTech | CasaOS-UserService | Affected: >= 0.4.4.3, < 0.4.7 | |
| icewhaletech | casaos-userservice | Affected: from 0.4.4.3, < 0.4.7 (custom) | cpe:2.3:a:icewhaletech:casaos-userservice:*:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:28:11.820Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-c69x-5xmw-v44x",
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-c69x-5xmw-v44x"
},
{
"name": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/62006f61b55951048dbace4ebd9e483274838699",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/62006f61b55951048dbace4ebd9e483274838699"
},
{
"name": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7",
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:icewhaletech:casaos-userservice:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "casaos-userservice",
"vendor": "icewhaletech",
"versions": [
{
"lessThan": "0.4.7",
"status": "affected",
"version": "0.4.4.3",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-24767",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-06T19:46:32.345294Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-28T17:53:11.773Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "CasaOS-UserService",
"vendor": "IceWhaleTech",
"versions": [
{
"status": "affected",
"version": "\u003e= 0.4.4.3, \u003c 0.4.7"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "CasaOS-UserService provides user management functionalities to CasaOS. Starting in version 0.4.4.3 and prior to version 0.4.7, CasaOS doesn\u0027t defend against password brute force attacks, which leads to having full access to the server. The web application lacks control over the login attempts. This vulnerability allows attackers to get super user-level access over the server. Version 0.4.7 contains a patch for this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 9.1,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-06T18:06:26.237Z",
"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"shortName": "GitHub_M"
},
"references": [
{
"name": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-c69x-5xmw-v44x",
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/IceWhaleTech/CasaOS-UserService/security/advisories/GHSA-c69x-5xmw-v44x"
},
{
"name": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/62006f61b55951048dbace4ebd9e483274838699",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/IceWhaleTech/CasaOS-UserService/commit/62006f61b55951048dbace4ebd9e483274838699"
},
{
"name": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7",
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/IceWhaleTech/CasaOS-UserService/releases/tag/v0.4.7"
}
],
"source": {
"advisory": "GHSA-c69x-5xmw-v44x",
"discovery": "UNKNOWN"
},
"title": "CasaOS Improper Restriction of Excessive Authentication Attempts vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
"assignerShortName": "GitHub_M",
"cveId": "CVE-2024-24767",
"datePublished": "2024-03-06T18:06:26.237Z",
"dateReserved": "2024-01-29T20:51:26.013Z",
"dateUpdated": "2024-08-28T17:53:11.773Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-25031 (GCVE-0-2024-25031)
Vulnerability from cvelistv5 – Published: 2024-06-28 18:32 – Updated: 2024-08-01 23:36
- CWE-307 - Improper Restriction of Excessive Authentication Attempts
| URL | Tags |
|---|---|
| https://www.ibm.com/support/pages/node/7158446 | vendor-advisory |
| https://exchange.xforce.ibmcloud.com/vulnerabilit… | |
| Vendor | Product | Version | |
|---|---|---|---|
| IBM | Storage Defender - Resiliency Service | Affected: from 2.0.0, ≤ 2.0.4 (semver) | cpe:2.3:a:ibm:storage_defender_resiliency_service:2.0.0:*:*:*:*:*:*:*; cpe:2.3:a:ibm:storage_defender_resiliency_service:2.0.4:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-25031",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-07-12T20:47:52.503471Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-07-12T20:47:58.127Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T23:36:21.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.ibm.com/support/pages/node/7158446"
},
{
"tags": [
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/281678"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:ibm:storage_defender_resiliency_service:2.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:ibm:storage_defender_resiliency_service:2.0.4:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "Storage Defender - Resiliency Service",
"vendor": "IBM",
"versions": [
{
"lessThanOrEqual": "2.0.4",
"status": "affected",
"version": "2.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678."
}
],
"value": "IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.4 uses an inadequate account lockout setting that could allow an attacker on the network to brute force account credentials. IBM X-Force ID: 281678."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-307",
"description": "CWE-307 Improper Restriction of Excessive Authentication Attempts",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-28T18:32:31.632Z",
"orgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"shortName": "ibm"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://www.ibm.com/support/pages/node/7158446"
},
{
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/281678"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "IBM Storage Defender information disclosure",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "9a959283-ebb5-44b6-b705-dcc2bbced522",
"assignerShortName": "ibm",
"cveId": "CVE-2024-25031",
"datePublished": "2024-06-28T18:32:31.632Z",
"dateReserved": "2024-02-03T14:49:11.963Z",
"dateUpdated": "2024-08-01T23:36:21.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
Mitigation
Phase: Architecture and Design
Description:
- Common protection mechanisms include:
- Disconnecting the user after a small number of failed attempts
- Implementing a timeout
- Locking out a targeted account
- Requiring a computational task on the user's part.
Mitigation ID: MIT-4
Phase: Architecture and Design
Strategy: Libraries or Frameworks
Description:
- Use a vetted library or framework that does not allow this weakness to occur or provides constructs that make this weakness easier to avoid [REF-1482].
- Consider using libraries with authentication capabilities such as OpenSSL or the ESAPI Authenticator. [REF-45]
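The lockout and timeout mechanisms listed above, as an added example that is not part of the CWE entry or of any of the products in the advisories: a login-attempt limiter that counts failures per account and per source address, locks an account after a small number of failures inside a sliding window, and doubles the lockout on each repeat; the per-source counter is there because spraying (CAPEC-565, below) rotates accounts to stay under per-account thresholds. The thresholds, window and lockout lengths are assumed values chosen for illustration, not taken from the page.

```python
import time
from collections import defaultdict, deque

# Assumed policy values (not from the CWE entry or the advisories above).
WINDOW_SECONDS = 15 * 60   # failures older than this no longer count
ACCOUNT_LIMIT = 5          # failures per account before it is locked
SOURCE_LIMIT = 20          # failures per source address before the source is locked
BASE_LOCKOUT = 60          # first lockout length in seconds, doubled on each repeat
MAX_LOCKOUT = 60 * 60      # cap on the escalating lockout


class LoginLimiter:
    """Tracks failed authentication attempts per account and per source."""

    def __init__(self):
        self._failures = defaultdict(deque)   # key -> timestamps of recent failures
        self._locked_until = {}               # key -> time the current lockout ends
        self._lock_count = defaultdict(int)   # key -> lockouts so far, drives escalation

    @staticmethod
    def _keys(account, source):
        return ((("acct", account), ACCOUNT_LIMIT), (("src", source), SOURCE_LIMIT))

    def retry_after(self, account, source, now):
        """Seconds until this account/source pair may try again; 0 if not locked."""
        waits = [self._locked_until.get(key, 0) - now for key, _ in self._keys(account, source)]
        return max(0, *waits)

    def attempt(self, account, source, credential_valid, now=None):
        """Gate one login attempt. Returns 'LOCKED', 'ALLOWED' or 'DENIED'."""
        now = time.time() if now is None else now
        if self.retry_after(account, source, now) > 0:
            return "LOCKED"   # rejected without evaluating the credential
        if credential_valid:
            # A legitimate login clears per-account state; source state is kept so a
            # sprayer who finds one valid password stays throttled.
            self._failures.pop(("acct", account), None)
            self._lock_count.pop(("acct", account), None)
            return "ALLOWED"
        for key, limit in self._keys(account, source):
            recent = self._failures[key]
            recent.append(now)
            while recent[0] <= now - WINDOW_SECONDS:   # drop failures outside the window
                recent.popleft()
            if len(recent) >= limit:
                n = self._lock_count[key]
                self._locked_until[key] = now + min(BASE_LOCKOUT * 2 ** n, MAX_LOCKOUT)
                self._lock_count[key] = n + 1
                recent.clear()
        return "DENIED"


if __name__ == "__main__":
    limiter = LoginLimiter()
    for t in range(ACCOUNT_LIMIT):          # constructed: five bad passwords for one account
        limiter.attempt("alice", "10.0.0.5", False, now=float(t))
    print(limiter.attempt("alice", "10.0.0.5", True, now=10.0))      # LOCKED
    print(limiter.retry_after("alice", "10.0.0.5", 10.0))            # 54.0
    print(limiter.attempt("alice", "10.0.0.5", True, now=64.0))      # ALLOWED
```

Because a locked attempt returns before the credential is evaluated, the correct password is rejected during the lockout window, which is the behaviour the CWE describes as missing in the affected products.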
CAPEC-16: Dictionary-based Password Attack
An attacker tries each of the words in a dictionary as passwords to gain access to the system via some user's account. If the password chosen by the user was a word within the dictionary, this attack will be successful (in the absence of other mitigations). This is a specific instance of the password brute forcing attack pattern.
Dictionary Attacks differ from similar attacks such as Password Spraying (CAPEC-565) and Credential Stuffing (CAPEC-600), since they leverage unknown username/password combinations and don't care about inducing account lockouts.
CAPEC-49: Password Brute Forcing
An adversary tries every possible value for a password until they succeed. A brute force attack, if feasible computationally, will always be successful because it will essentially go through all possible passwords given the alphabet used (lower case letters, upper case letters, numbers, symbols, etc.) and the maximum length of the password.
CAPEC-560: Use of Known Domain Credentials
An adversary guesses or obtains (i.e. steals or purchases) legitimate credentials (e.g. userID/password) to achieve authentication and to perform authorized actions under the guise of an authenticated user or service.
CAPEC-565: Password Spraying
In a Password Spraying attack, an adversary tries a small list (e.g. 3-5) of common or expected passwords, often matching the target's complexity policy, against a known list of user accounts to gain valid credentials. The adversary tries a particular password for each user account, before moving onto the next password in the list. This approach assists the adversary in remaining undetected by avoiding rapid or frequent account lockouts. The adversary may then reattempt the process with additional passwords, once enough time has passed to prevent inducing a lockout.
CAPEC-600: Credential Stuffing
An adversary tries known username/password combinations against different systems, applications, or services to gain additional authenticated access. Credential Stuffing attacks rely upon the fact that many users leverage the same username/password combination for multiple systems, applications, and services.
CAPEC-652: Use of Known Kerberos Credentials
An adversary obtains (i.e. steals or purchases) legitimate Kerberos credentials (e.g. Kerberos service account userID/password or Kerberos Tickets) with the goal of achieving authenticated access to additional systems, applications, or services within the domain.
CAPEC-653: Use of Known Operating System Credentials
An adversary guesses or obtains (i.e. steals or purchases) legitimate operating system credentials (e.g. userID/password) to achieve authentication and to perform authorized actions on the system, under the guise of an authenticated user or service. This applies to any Operating System.