Описание
BullWall Server Intrusion Protection has a noticeable configuration-dependent delay before the MFA check for RDP connections. A remote, authenticated attacker can potentially bypass detection during this delay. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 are affected. Other versions may also be affected.
Ссылки
- Broken Link
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:bullwall:server_intrusion_protection:4.6.0.0:*:*:*:*:*:*:*
cpe:2.3:a:bullwall:server_intrusion_protection:4.6.0.6:*:*:*:*:*:*:*
cpe:2.3:a:bullwall:server_intrusion_protection:4.6.0.7:*:*:*:*:*:*:*
cpe:2.3:a:bullwall:server_intrusion_protection:4.6.1.4:*:*:*:*:*:*:*
EPSS
Процентиль: 18%
0.00056
Низкий
7.5 High
CVSS3
Дефекты
CWE-367
Связанные уязвимости
CVSS3: 6.2
github
около 2 месяцев назад
BullWall Server Intrusion Protection has a noticeable delay before the MFA check when connecting via RDP. A remote authenticated attacker with administrative privileges can potentially bypass detection during this window. Versions 4.6.0.0, 4.6.0.6, 4.6.0.7, and 4.6.1.4 were confirmed to be affected; other versions before and after may also be affected.
EPSS
Процентиль: 18%
0.00056
Низкий
7.5 High
CVSS3
Дефекты
CWE-367