exploitDog

CVE-2024-3461

Опубликовано: 14 мая 2024

Источник: nvd

CVSS3: 6.2

CVSS3: 5.5

EPSS Низкий

Описание

KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which protects the application from being closed, as there are no mechanisms preventing a user from excessively guessing the number.

Ссылки

https://cert.pl/en/posts/2024/04/CVE-2024-3459
Broken Link
Third Party Advisory
https://cert.pl/posts/2024/04/CVE-2024-3459
Broken Link
Third Party Advisory
https://www.kioware.com/
Product
https://cert.pl/en/posts/2024/04/CVE-2024-3459
Broken Link
Third Party Advisory
https://cert.pl/posts/2024/04/CVE-2024-3459
Broken Link
Third Party Advisory
https://www.kioware.com/
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:kioware:kioware:*:*:*:*:*:windows:*:*

Версия до 8.35 (включая)

EPSS

Процентиль: 1%

0.00011

Низкий

6.2 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-307

CWE-307

Связанные уязвимости

GHSA-g82j-wprp-q9q9

CVSS3: 6.2

github

больше 1 года назад

KioWare for Windows (versions all through 8.35) allows to brute force the PIN number, which protects the application from being closed, as there are no mechanisms preventing a user from excessively guessing the number.

EPSS

Процентиль: 1%

0.00011

Низкий

6.2 Medium

CVSS3

5.5 Medium

CVSS3

Дефекты

CWE-307

CWE-307