exploitDog

GHSA-9mjj-m5vm-p4jh

Опубликовано: 22 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 7.7

CVSS3: 7.5

Описание

Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with valid credentials. A remote attacker with valid credentials could brute-force the 6-digit MFA code. Fixed in 10.2.35, 11.0.21, and 11.1.9.

Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with valid credentials. A remote attacker with valid credentials could brute-force the 6-digit MFA code. Fixed in 10.2.35, 11.0.21, and 11.1.9.

Ссылки

EPSS

Процентиль: 42%

0.002

Низкий

7.7 High

CVSS4

7.5 High

CVSS3

CVE ID

Дефекты

CWE-307

Связанные уязвимости

CVE-2025-35041

CVSS3: 7.5

nvd

5 месяцев назад

Airship AI Acropolis allows unlimited MFA attempts for 15 minutes after a user has logged in with valid credentials. A remote attacker with valid credentials could brute-force the 6-digit MFA code. Fixed in 10.2.35, 11.0.21, and 11.1.9.

EPSS

Процентиль: 42%

0.002

Низкий

7.7 High

CVSS4

7.5 High

CVSS3

CVE ID

Дефекты

CWE-307