Description
OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system that does not provide sufficient complexity to protect against brute force attacks, which may allow unauthorized users to access the system after no more than a fixed maximum number of attempts.
References
- Third Party Advisory, US Government Resource
- Third Party Advisory, US Government Resource
Vulnerable configurations
Configuration 1
One of
cpe:2.3:a:openclinic_ga_project:openclinic_ga:5.09.02:*:*:*:*:*:*:*
cpe:2.3:a:openclinic_ga_project:openclinic_ga:5.89.05b:*:*:*:*:*:*:*
EPSS
Percentile: 44%
0.00214
Low
9.8 Critical
CVSS3
5 Medium
CVSS2
Weaknesses
CWE-287
CWE-307
Related vulnerabilities
github
more than 3 years ago
OpenClinic GA versions 5.09.02 and 5.89.05b contain an authentication mechanism within the system that does not provide sufficient complexity to protect against brute force attacks, which may allow unauthorized users to access the system after no more than a fixed maximum number of attempts.
EPSS
Percentile: 44%
0.00214
Low
9.8 Critical
CVSS3
5 Medium
CVSS2
Weaknesses
CWE-287
CWE-307