exploitDog

GHSA-hh5m-ff4f-2qxj

Опубликовано: 11 янв. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.8

Описание

HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the username is known.

HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the username is known.

Ссылки

EPSS

Процентиль: 22%

0.00074

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-521

Связанные уязвимости

CVE-2024-42173

CVSS3: 4.8

nvd

около 1 года назад

HCL MyXalytics is affected by an improper password policy implementation vulnerability. Weak passwords and lack of account lockout policies allow attackers to guess or brute-force passwords if the username is known.

EPSS

Процентиль: 22%

0.00074

Низкий

4.8 Medium

CVSS3

CVE ID

Дефекты

CWE-521