Описание
The application does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it possible for an attacker to guess user credentials.
Ссылки
- Vendor Advisory
- US Government Resource
- Not Applicable
- Vendor Advisory
- Vendor Advisory
- Product
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sick:baggage_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:sick:enterprise_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:sick:logistic_diagnostic_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:sick:package_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:sick:tire_analytics:*:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00204
Низкий
6.5 Medium
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-307
Связанные уязвимости
CVSS3: 6.5
github
4 месяца назад
The application does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame, making it possible for an attacker to guess user credentials.
EPSS
Процентиль: 42%
0.00204
Низкий
6.5 Medium
CVSS3
9.8 Critical
CVSS3
Дефекты
CWE-307