Vulnerabilities > CVE-2020-15770 - Improper Restriction of Excessive Authentication Attempts vulnerability in Gradle Enterprise 2018.5

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
local
low complexity
gradle
CWE-307

Summary

An issue was discovered in Gradle Enterprise 2018.5. An attacker can potentially make repeated attempts to guess a local user's password, due to lack of lock-out after excessive failed logins.

Vulnerable Configurations

Part Description Count
Application
Gradle
1