exploitDog

GHSA-rggq-pvh6-78hv

Опубликовано: 18 сент. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x before 12.4.3.35110, 12.5.x before 12.5.2.35950, 12.6.x before 12.6.2.37183, and 12.7.x before 12.7.1.38241. An unauthenticated attacker can cause a resource leak by issuing multiple failed login attempts through API SOAP.

An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x before 12.4.3.35110, 12.5.x before 12.5.2.35950, 12.6.x before 12.6.2.37183, and 12.7.x before 12.7.1.38241. An unauthenticated attacker can cause a resource leak by issuing multiple failed login attempts through API SOAP.

Ссылки

EPSS

Процентиль: 57%

0.00352

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-307

Связанные уязвимости

CVE-2024-45523

CVSS3: 9.1

nvd

больше 1 года назад

An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x before 12.4.3.35110, 12.5.x before 12.5.2.35950, 12.6.x before 12.6.2.37183, and 12.7.x before 12.7.1.38241. An unauthenticated attacker can cause a resource leak by issuing multiple failed login attempts through API SOAP.

EPSS

Процентиль: 57%

0.00352

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-307