CVE-2020-24007

Critical

Umanni RH 1.0 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a…

mitre·CWE-307·Published 2020-08-26

CVSS

9.8

EPSS

0.02

KEV

Exploits

cve.orgen

192 chars

Umanni RH 1.0 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a brute-force authentication attack against the Login page.

NVDen

192 chars

Umanni RH 1.0 does not limit the number of authentication attempts. An unauthenticated user may exploit this vulnerability to launch a brute-force authentication attack against the Login page.

Umanni RH versión 1.0, no limita el número de intentos de autenticación. Un usuario no autenticado puede explotar esta vulnerabilidad para iniciar un ataque de autenticación de fuerza bruta contra la página de inicio de sesión

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	7.5	10.0	6.4	AV:N/AC:L/Au:N/C:P/I:P/A:P
3.1	Primary	NVD	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H