Описание
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:t._hauck:jana_web_server:1.0:*:*:*:*:*:*:*
cpe:2.3:a:t._hauck:jana_web_server:1.45:*:*:*:*:*:*:*
cpe:2.3:a:t._hauck:jana_web_server:1.46:*:*:*:*:*:*:*
cpe:2.3:a:t._hauck:jana_web_server:2.0:*:*:*:*:*:*:*
cpe:2.3:a:t._hauck:jana_web_server:2.0_beta1:*:*:*:*:*:*:*
cpe:2.3:a:t._hauck:jana_web_server:2.0_beta2:*:*:*:*:*:*:*
cpe:2.3:a:t._hauck:jana_web_server:2.2.1:*:*:*:*:*:*:*
EPSS
Процентиль: 70%
0.00636
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.
EPSS
Процентиль: 70%
0.00636
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other