exploitDog

CVE-2022-37772

Опубликовано: 23 нояб. 2022

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts.

Ссылки

http://maarch.com
Product
https://github.com/frame84/vulns/blob/main/MaarchRM/CVE-2022-37772/README.md
Exploit
Third Party Advisory
http://maarch.com
Product
https://github.com/frame84/vulns/blob/main/MaarchRM/CVE-2022-37772/README.md
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:maarch:maarch_rm:*:*:*:*:*:*:*:*

Версия от 2.8 (включая) до 2.8.6 (исключая)

cpe:2.3:a:maarch:maarch_rm:2.9:*:*:*:*:*:*:*

EPSS

Процентиль: 64%

0.00469

Низкий

7.5 High

CVSS3

Дефекты

CWE-307

CWE-307

Связанные уязвимости

GHSA-4xrx-h5ww-f9ph

CVSS3: 7.5

github

около 3 лет назад

Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. An unauthenticated remote attacker could potentially exploit this vulnerability, leading to compromised accounts.

EPSS

Процентиль: 64%

0.00469

Низкий

7.5 High

CVSS3

Дефекты

CWE-307

CWE-307