Vulnerabilities > CVE-2020-15770 - Improper Restriction of Excessive Authentication Attempts vulnerability in Gradle Enterprise 2018.5

CVSS 5.5 - MEDIUM

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

local

low complexity

gradle

CWE-307

NVD

Published: 2020-09-18

Updated: 2022-09-30

Summary

An issue was discovered in Gradle Enterprise 2018.5. An attacker can potentially make repeated attempts to guess a local user's password, due to lack of lock-out after excessive failed logins.

Vulnerable Configurations

Part	Description	Count
Application	Gradle Gradle Enterprise 2018.5	1

Common Weakness Enumeration (CWE)

CWE-307 - Improper Restriction of Excessive Authentication Attempts

References

https://security.gradle.com/advisory/CVE-2020-15770
https://github.com/gradle/gradle/security/advisories