CVE-2017-8827 - CERT CVE

  1. CVE-2017-8827

ID CVE-2017-8827
Sažetak forgotpassword.php in GeniXCMS 1.0.2 lacks a rate limit, which might allow remote attackers to cause a denial of service (login inability) or possibly conduct Arbitrary User Password Reset attacks via a series of requests.
Reference
CVSS
Base: 6.4
Impact: 4.9
Exploitability:10.0
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL PARTIAL
CVSS vektor AV:N/AC:L/Au:N/C:N/I:P/A:P
Zadnje važnije ažuriranje 12-05-2017 - 15:50
Objavljeno 08-05-2017 - 06:29