exploitDog

CVE-2024-45523

Опубликовано: 18 сент. 2024

Источник: nvd

CVSS3: 9.1

EPSS Низкий

Описание

An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x before 12.4.3.35110, 12.5.x before 12.5.2.35950, 12.6.x before 12.6.2.37183, and 12.7.x before 12.7.1.38241. An unauthenticated attacker can cause a resource leak by issuing multiple failed login attempts through API SOAP.

Ссылки

https://www.bravurasecurity.com/cve-2024-45523-resource-leak-in-api-after-a-failed-login-attempt

EPSS

Процентиль: 49%

0.00259

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-307

Связанные уязвимости

GHSA-rggq-pvh6-78hv

CVSS3: 9.1

github

больше 1 года назад

An issue was discovered in Bravura Security Fabric versions 12.3.x before 12.3.5.32784, 12.4.x before 12.4.3.35110, 12.5.x before 12.5.2.35950, 12.6.x before 12.6.2.37183, and 12.7.x before 12.7.1.38241. An unauthenticated attacker can cause a resource leak by issuing multiple failed login attempts through API SOAP.

EPSS

Процентиль: 49%

0.00259

Низкий

9.1 Critical

CVSS3

Дефекты

CWE-307