exploitDog

CVE-2024-22647

Опубликовано: 30 янв. 2024

Источник: nvd

CVSS3: 5.3

EPSS Низкий

Описание

An user enumeration vulnerability was found in SEO Panel 4.10.0. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames.

Ссылки

https://github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22647
Exploit
Third Party Advisory
https://github.com/cassis-sec/CVE/tree/main/2024/CVE-2024-22647
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:seopanel:seo_panel:4.10.0:*:*:*:*:*:*:*

EPSS

Процентиль: 38%

0.00168

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-203

CWE-203

Связанные уязвимости

GHSA-hj6r-9q35-32hf

CVSS3: 5.3

github

около 2 лет назад

An user enumeration vulnerability was found in SEO Panel 4.10.0. This issue occurs during user authentication, where a difference in error messages could allow an attacker to determine if a username is valid or not, enabling a brute-force attack with valid usernames.

EPSS

Процентиль: 38%

0.00168

Низкий

5.3 Medium

CVSS3

Дефекты

CWE-203

CWE-203